| |
| |||||||
Log-Analyse und Auswertung: filelist.bat und windows versionWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.05.2010, 14:09
| #1 |
 |  filelist.bat und windows version Hallo Ich benütze Vista 64 und habe folgendes Problem: Wenn ich filelist.bat ausführe bekomme ich in filelist.txt folgende Meldung: not supported windows version ---------------------------------------- Microsoft Windows [Version 6.0.6002] Kennt jemand eine Lösung? Danke. |
|
17.05.2010, 18:37
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | filelist.bat und windows version Hallo und
__________________ Zitat:
Du musst was anderes als filelist.bat verwenden. Warum wieso und weshalb Du das machen willst, hast Du aber (noch) nicht verraten...
__________________ |
|
20.05.2010, 19:29
| #3 |
| | filelist.bat und windows version Hallo Arne
__________________Ich habe mich auf einer Downloadseite dazu verleiten lassen NoScirpt in Mozilla Firefox abzuschalten. Danach erhielt ich eine Meldung vom Antivirusprogramm, dass sshnas21.dll gefunden und gelöscht wurde. Beim Neustart kam dann aber die Meldung von rundll es könne sshnas21.dll nicht laden, was schon gut war. Habe dann nach Anleitung hier im Forum noch HijackThis ausgeführt und 04-HKCU\..\Run:[Canaveral] rundll32.exe C:\Windows\system32\sshnas21.dll, BackupREadW als whs. Auslöser gefunden und gefixt. Danach kam die Meldung nicht mehr. Wollte aber mit filelist.bat noch auf weitere mögliche Schädlinge überprüfen, es stellte sich aber heraus, dass offensichtlich Vista 64 nicht unterstützt wird. Jetzt stellt sich für mich die Frage ob ich es dabei bewenden lassen kann oder ob weitere Prüfungen notwendig sind. Danke für die Hilfe |
|
20.05.2010, 20:02
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | filelist.bat und windows version Dazu nehm ich schon lange kein Filelist mehr. Ich geh bei Schädlingsbefall im Forum meist so vor: Bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.05.2010, 10:11
| #5 |
| | filelist.bat und windows version Hier das Log von Malwarebytes Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4121 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 20.05.2010 21:46:21 mbam-log-2010-05-20 (21-46-21).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 131977 Laufzeit: 5 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 3 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully. |
|
21.05.2010, 10:20
| #6 |
| | filelist.bat und windows version Und hier das erste Log von OTL: Code:
ATTFilter OTL logfile created on: 21.05.2010 11:02:04 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Emiliano Bona\Downloads 64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 68.00% Memory free 16.00 Gb Paging File | 13.00 Gb Available in Paging File | 83.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 833.86 Gb Total Space | 352.09 Gb Free Space | 42.22% Space Free | Partition Type: NTFS Drive D: | 2793.84 Gb Total Space | 902.50 Gb Free Space | 32.30% Space Free | Partition Type: NTFS Drive E: | 2048.00 Gb Total Space | 1001.14 Gb Free Space | 48.88% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: EMILIANOBONA-PC Current User Name: Emiliano Bona Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Emiliano Bona\Downloads\OTL.exe (OldTimer Tools) PRC - C:\PROGRA~2\FREEDO~1\fdm.exe (FreeDownloadManager.ORG) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Users\Emiliano Bona\AppData\Roaming\Dropbox\bin\Dropbox.exe () PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe () PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia) PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\bgasched.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\swmgtd.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\prevtlogd.exe () PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - C:\Program Files (x86)\ASUS\AASP\1.00.68\aaCenter.exe () PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe () PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\PayPen.exe (Anoto AB) PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\CPenOCR.exe () PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\CPenDesk.exe (Anoto AB) PRC - C:\PROGRA~2\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works) PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe () PRC - C:\Windows\SysWOW64\PSIService.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\cimserver.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin\tomcat5.exe (Apache Software Foundation) PRC - C:\PROGRA~2\Borland\INTERB~1\Bin\ibguard.exe (Inprise Corporation) PRC - C:\PROGRA~2\Borland\INTERB~1\Bin\ibserver.exe (Inprise Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Emiliano Bona\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (arXfrSvc) -- C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe (Microsoft Corporation) SRV:64bit: - (WHSConnector) -- C:\Program Files\Windows Home Server\WHSConnector.exe (Microsoft Corporation) SRV:64bit: - (esClient) -- C:\Program Files\Windows Home Server\esClient.exe (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation) SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (LoClntService) -- C:\Program Files\Windows Home Server\LightsOutClientService.exe (AxoNet Software GmbH) SRV:64bit: - (O&O Defrag) -- C:\Windows\SysNative\oodag.exe (O&O Software GmbH) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2010\RpcAgentSrv.exe (SiSoftware) SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe (Symantec Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe () SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (TwonkyMedia) -- C:\Program Files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe (PacketVideo) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (slpreg) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpreg.exe () SRV - (Promise Service Management) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\swmgtd.exe () SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) SRV - (SLP) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe () SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (EPGService) -- C:\PROGRA~2\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works) SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe () SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () SRV - (PegasusCIMOMAgent) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\cimserver.exe () SRV - (Tomcat) -- C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin\tomcat5.exe (Apache Software Foundation) ========== Driver Services (SafeList) ========== DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia) DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\ccHPx64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SRTSP64.SYS (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SYMEFA64.SYS (Symantec Corporation) DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\BHDrvx64.sys (Symantec Corporation) DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMTDI.SYS (Symantec Corporation) DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMFW.SYS (Symantec Corporation) DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMNDISV.SYS (Symantec Corporation) DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SRTSPX64.SYS (Symantec Corporation) DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation) DRV:64bit: - (PSI) -- C:\Windows\SysNative\DRIVERS\psi_mf.sys (Secunia) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (fvevol) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\DRIVERS\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\DRIVERS\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (UimBus) -- C:\Windows\SysNative\DRIVERS\uimx64.sys (Windows (R) 2000 DDK provider) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys (Logitech, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia) DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\DRIVERS\hotcore3.sys (Paragon Software Group) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\DRIVERS\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\DRIVERS\wimfltr.sys (Microsoft Corporation) DRV:64bit: - (PayPen) -- C:\Windows\SysNative\Drivers\PayPen.sys () DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works) DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories) DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\DRIVERS\point64k.sys (Microsoft Corporation) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\DRIVERS\ser2pl64.sys (Prolific Technology Inc.) DRV:64bit: - (CLBStor) -- C:\Windows\SysNative\DRIVERS\CLBStor.sys (Cyberlink Co.,Ltd.) DRV:64bit: - (CLBUDF) -- C:\Windows\SysNative\drivers\CLBUDF.sys (CyberLink Corporation.) DRV:64bit: - (PinnacleMarvinAVS) -- C:\Windows\SysNative\DRIVERS\MarvinAVS64.sys (Pinnacle a division of Avid Technology, Inc.) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\DRIVERS\MarvinBus64.sys (Pinnacle Systems GmbH) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.039\EX64.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.039\ENG64.SYS (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSviA64.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2010\WNt500x64\sandra.sys (SiSoftware) DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.) DRV - (CSC) -- C:\Windows\CSC [2009.02.10 21:44:46 | 000,000,000 | ---D | M] DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.) DRV - (adfs) -- C:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (pendfu) PenDfu (pendfu.sys) -- C:\Windows\SysWOW64\drivers\pendfu.sys (Anoto AB) DRV - (WimFltr) -- C:\Programme\Windows Imaging\wimfltr.inf () DRV - (AsIO) -- C:\Windows\SysWOW64\drivers\AsIO.sys () DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (VD_FileDisk) -- C:\Windows\SysWOW64\drivers\vd_filedisk.sys (Flint Incorporation) DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl () DRV - (PCLEPCI) -- C:\Windows\SysWOW64\drivers\PCLEPCI.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1F 6F 78 27 27 F4 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.6.14 FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.5 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.77 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.11.14 20:13:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010.05.02 10:58:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.28 11:56:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.03 16:56:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.24 18:31:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.28 11:56:42 | 000,000,000 | ---D | M] [2009.04.04 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Extensions [2009.04.04 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010.05.20 21:03:48 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions [2010.05.13 17:37:17 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010.05.02 12:26:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.05.20 21:03:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.05.13 17:37:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.04.11 16:02:04 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\DTToolbar@toolbarnet.com [2010.04.24 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\foxmarks@kei.com [2010.03.07 16:06:19 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\locationbar2@design-noir.de [2009.06.02 20:08:18 | 000,002,399 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Roaming\Mozilla\FireFox\Profiles\9lqntu9d.default\searchplugins\daemon-search.xml [2010.05.21 10:51:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.04.24 18:31:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.24 13:32:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.24 13:32:21 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.24 13:32:21 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.24 13:32:21 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.24 13:32:21 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.05.24 18:43:05 | 000,292,466 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 10072 more lines... O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3:64bit: - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [HPUsageTracking] File not found O4:64bit: - HKLM..\Run: [OODefragTray] C:\Windows\SysNative\oodtray.exe (O&O Software GmbH) O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.) O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe () O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [PCLEPCI] C:\Programme\Pinnacle\PPE\PPE.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - Startup: C:\Users\Emiliano Bona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Emiliano Bona\AppData\Roaming\Dropbox\bin\Dropbox.exe () O4 - Startup: C:\Users\Emiliano Bona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IBAffinity.lnk = C:\Programme\CT\CTStudio5\IBAffinity.bat File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:64bit: - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8:64bit: - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:64bit: - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: maris.com ([www.redshift] http in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab (HPSDDX Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{02ddab8d-f7ab-11dd-8584-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{02ddab8d-f7ab-11dd-8584-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\tools\shelexec.exe html\index.htm -- File not found O33 - MountPoints2\{4186dc0c-f877-11dd-990b-0023544281ec}\Shell - "" = AutoRun O33 - MountPoints2\{4186dc0c-f877-11dd-990b-0023544281ec}\Shell\AutoRun\command - "" = X:\autorun.exe -- File not found O33 - MountPoints2\{490d10e1-faaf-11dd-b538-005056c00008}\Shell\AutoRun\command - "" = H:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{490d10e1-faaf-11dd-b538-005056c00008}\Shell\RoboForm2Go\command - "" = H:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{627fc0b2-f9f7-11dd-b128-005056c00008}\Shell\AutoRun\command - "" = G:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{627fc0b2-f9f7-11dd-b128-005056c00008}\Shell\RoboForm2Go\command - "" = G:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{e16115e9-4f9f-11de-8fec-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{e16115e9-4f9f-11de-8fec-005056c00008}\Shell\AutoRun\command - "" = F:\Welcome\Welcome.exe -- File not found O33 - MountPoints2\{e39c42b8-0ef2-11de-937c-005056c00008}\Shell\AutoRun\command - "" = PortableRoboForm.exe O33 - MountPoints2\{e39c42b8-0ef2-11de-937c-005056c00008}\Shell\RoboForm2Go\command - "" = PortableRoboForm.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.20 21:38:12 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\Malwarebytes [2010.05.20 21:38:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.05.20 21:38:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.05.20 21:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.05.20 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.05.16 14:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Altap Salamander 2.5 [2010.05.16 14:13:05 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Desktop\avenger [2010.05.16 12:43:54 | 000,000,000 | ---D | C] -- C:\escan [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe [2010.05.16 11:46:26 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll [2010.05.16 11:46:25 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll [2010.05.16 11:46:24 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe [2010.05.16 11:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld [2010.05.16 11:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld [2010.05.14 19:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010.05.14 19:13:42 | 000,038,456 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys [2010.05.14 19:06:22 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2010.05.14 19:05:51 | 001,814,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2010.05.14 19:05:51 | 001,631,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2010.05.14 19:05:51 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010.05.14 19:05:51 | 000,369,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll [2010.05.14 19:05:51 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2010.05.14 19:05:51 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2010.05.14 19:05:51 | 000,231,328 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2010.05.14 19:05:51 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll [2010.05.14 19:05:51 | 000,095,432 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll [2010.05.14 19:05:51 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll [2010.05.14 19:05:51 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2010.05.14 19:05:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010.05.14 19:03:34 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.05.14 19:03:34 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.05.14 19:03:34 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.05.14 19:03:34 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.05.14 19:03:33 | 001,503,232 | ---- | C] (Creative) -- C:\Windows\SysWow64\adi_oal.dll [2010.05.14 19:03:32 | 001,828,352 | ---- | C] (Creative) -- C:\Windows\SysNative\adi_oal.dll [2010.05.14 18:23:16 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\DriverGenius [2010.05.14 18:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft [2010.05.14 18:05:12 | 000,000,000 | ---D | C] -- C:\Studio Vista Installer [2010.05.14 14:17:40 | 000,000,000 | ---D | C] -- C:\Programme\Pinnacle [2010.05.14 14:16:38 | 000,014,564 | ---- | C] (Pinnacle Systems GmbH) -- C:\Windows\SysWow64\drivers\PCLEPCI.sys [2010.05.14 14:14:03 | 000,041,219 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysWow64\RSETPATH.exe [2010.05.14 14:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle Systems [2010.05.13 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Local\QuickPar [2010.05.13 17:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar [2010.05.13 17:05:01 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\CommunicaEtor [2010.05.13 17:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CommunicaEtor [2010.05.09 15:14:38 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\CPR [2010.04.25 12:46:35 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\DivX [2010.04.25 12:46:28 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Local\Pinnacle [2010.04.25 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\Pinnacle Studio [2010.04.25 12:44:11 | 000,484,736 | ---- | C] (Pinnacle a division of Avid Technology, Inc.) -- C:\Windows\SysNative\drivers\MarvinAVS64.sys [2010.04.25 12:44:11 | 000,200,704 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysWow64\MarvinUsb.ax [2010.04.25 12:44:11 | 000,070,656 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysNative\PCLECoInst64.dll [2010.04.25 12:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle [2010.04.25 12:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate Collection [2010.04.25 12:41:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo! [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14 [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging [2010.04.24 18:31:30 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010.04.24 18:31:30 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.04.24 18:31:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.04.24 18:31:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Users\Emiliano Bona\*.tmp files -> C:\Users\Emiliano Bona\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.21 11:06:26 | 004,718,592 | ---- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT [2010.05.21 10:58:04 | 001,692,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.21 10:58:04 | 000,718,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.21 10:58:04 | 000,674,356 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.21 10:58:04 | 000,165,424 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.21 10:58:04 | 000,136,806 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.21 10:55:06 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010.05.21 10:54:14 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D8B0EC7-EF9B-402F-BE31-F071A79F092F}.job [2010.05.21 10:50:50 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.05.21 10:50:33 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.21 10:50:33 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.21 10:50:21 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.21 10:50:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.21 10:49:47 | 000,219,644 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2010.05.20 22:58:20 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.20 22:58:20 | 000,065,536 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TM.blf [2010.05.20 22:58:12 | 003,610,456 | -H-- | M] () -- C:\Users\Emiliano Bona\AppData\Local\IconCache.db [2010.05.20 22:28:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.05.20 21:38:05 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.16 14:33:21 | 000,000,600 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Roaming\winscp.rnd [2010.05.16 14:29:32 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Salamander 2.52.lnk [2010.05.16 14:07:38 | 000,146,944 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.16 12:43:44 | 000,191,647 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\pinfect.zip [2010.05.16 11:49:43 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx [2010.05.16 11:46:25 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll [2010.05.16 11:46:24 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll [2010.05.16 11:46:23 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe [2010.05.16 09:28:45 | 003,129,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.05.15 17:09:50 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000002.regtrans-ms [2010.05.15 13:37:30 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2010.05.15 12:58:36 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{cd363b38-f2f8-11de-9f8c-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.15 12:58:36 | 000,065,536 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{cd363b38-f2f8-11de-9f8c-005056c00008}.TM.blf [2010.05.15 12:36:05 | 000,020,460 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\cc_20100515_123559.reg [2010.05.15 12:32:47 | 000,001,724 | ---- | M] () -- C:\Users\Emiliano Bona\Desktop\CCleaner.lnk [2010.05.14 21:01:56 | 000,153,928 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.14 21:01:34 | 001,697,752 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.05.14 21:01:15 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Player.lnk [2010.05.14 19:05:51 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010.05.14 19:03:34 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.05.14 19:03:34 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.05.14 19:03:34 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.05.14 19:03:34 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.05.14 18:21:06 | 000,000,946 | ---- | M] () -- C:\Users\Emiliano Bona\Desktop\Driver Genius Professional Edition.lnk [2010.05.09 15:48:56 | 018,499,623 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\vlc-1.0.5-win32.exe [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.04.29 12:19:14 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.04.25 12:41:39 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Users\Emiliano Bona\*.tmp files -> C:\Users\Emiliano Bona\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.20 21:38:05 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.16 14:40:00 | 000,002,270 | ---- | C] () -- C:\Users\Emiliano Bona\Desktop\filelist.bat [2010.05.16 14:33:21 | 000,000,600 | ---- | C] () -- C:\Users\Emiliano Bona\AppData\Roaming\winscp.rnd [2010.05.16 14:29:32 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Salamander 2.52.lnk [2010.05.16 12:43:44 | 000,191,647 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\pinfect.zip [2010.05.16 11:46:45 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx [2010.05.16 11:46:24 | 000,000,522 | ---- | C] () -- C:\Windows\SysWow64\Microsoft.VC80.CRT.manifest [2010.05.15 13:01:20 | 000,524,288 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000002.regtrans-ms [2010.05.15 13:01:20 | 000,524,288 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.15 13:01:20 | 000,065,536 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TM.blf [2010.05.15 12:36:03 | 000,020,460 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\cc_20100515_123559.reg [2010.05.14 21:01:15 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Player.lnk [2010.05.14 18:21:06 | 000,000,946 | ---- | C] () -- C:\Users\Emiliano Bona\Desktop\Driver Genius Professional Edition.lnk [2010.05.09 15:48:22 | 018,499,623 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\vlc-1.0.5-win32.exe [2010.04.25 12:41:39 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [2010.04.25 12:37:23 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI [2009.05.29 20:40:11 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.05.29 20:39:45 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.05.19 19:55:06 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2009.03.15 22:17:00 | 000,000,240 | ---- | C] () -- C:\Windows\CCPen200.ini [2009.03.04 07:59:42 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.03.04 07:59:40 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2009.03.04 07:59:40 | 002,255,360 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2009.03.04 07:59:40 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.03.04 07:59:40 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.03.04 07:59:38 | 000,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.03.04 07:59:38 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2009.02.18 18:47:05 | 003,076,141 | ---- | C] () -- C:\Windows\SysWow64\msowc.dll [2009.02.12 20:29:45 | 001,697,752 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.02.11 21:36:51 | 000,000,008 | RHS- | C] () -- C:\Windows\SysWow64\3C03C601C5.sys [2009.02.11 21:36:50 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2009.02.11 21:26:37 | 000,000,396 | ---- | C] () -- C:\Windows\lgfwup.ini [2009.02.11 17:15:56 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI [2009.02.11 17:15:15 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI [2009.02.11 17:15:14 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\hcwChDB.dll [2009.02.11 17:15:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll [2009.02.11 17:14:38 | 000,003,769 | ---- | C] () -- C:\Windows\HCWPNP.INI [2009.02.11 14:42:08 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2009.02.11 14:42:08 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2009.02.11 14:42:06 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2009.02.11 14:42:06 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2009.02.10 22:01:15 | 000,033,160 | ---- | C] () -- C:\Windows\Ascd_log.ini [2009.02.10 22:00:49 | 000,032,179 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll [2008.01.21 04:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2001.08.29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:DB849A154DA21BC9 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:CB0AACC9 < End of report > |
|
21.05.2010, 10:21
| #7 |
| | filelist.bat und windows version Und hier das zweite Log von OTL: Code:
ATTFilter OTL Extras logfile created on: 21.05.2010 11:02:04 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Emiliano Bona\Downloads
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 68.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 833.86 Gb Total Space | 352.09 Gb Free Space | 42.22% Space Free | Partition Type: NTFS
Drive D: | 2793.84 Gb Total Space | 902.50 Gb Free Space | 32.30% Space Free | Partition Type: NTFS
Drive E: | 2048.00 Gb Total Space | 1001.14 Gb Free Space | 48.88% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EMILIANOBONA-PC
Current User Name: Emiliano Bona
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = 3B F6 80 5C 91 E0 C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033B7AD4-20F6-4AC0-BF54-353468DB32F9}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{2499DFC3-590C-4ED3-AF7D-6941CB39F02C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2CF0FAA2-26F6-434B-A9CC-0D836B7ADB5C}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{2D40C7F9-B3F8-4897-B62D-58151A7B02CB}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{3CE8553C-6FA9-4770-BFD3-A060B3563692}" = lport=9050 | protocol=6 | dir=in | name=tomcateventlisten |
"{404CDB32-37F7-4CBC-BC19-22DFD8CD4CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{454453B4-26B2-442C-BBCE-CA26144EF3DC}" = lport=161 | protocol=17 | dir=in | name=snmpagent |
"{4EB90740-6BB2-4A3F-BABD-65B5A4515D4D}" = lport=8443 | protocol=6 | dir=in | name=tomcatwithnonssl |
"{56B9C356-BD9D-4358-B224-017A8E4E6CCF}" = lport=5988 | protocol=6 | dir=in | name=cimserver |
"{5959D97D-DE78-4998-A3C8-4EEC94281619}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5F4AA986-E402-45D0-A9F3-0C604B472088}" = rport=445 | protocol=6 | dir=out | app=system |
"{69F43F3A-3708-4AD8-B18D-89E23726DAAF}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{8111B462-8EAE-409A-B87A-6251AC369793}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{8D6DC33A-23CA-4FE1-A30A-E9E39CBF92BA}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B2AD83E-D558-4DF9-8A5B-5268E557CC65}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{B2876513-60B5-4124-95CD-B4BCD4FA2CC8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B2E91030-3CBD-4DAD-A8C1-099D8D1E1F84}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B57BEB94-1308-442A-B42A-2C53EADFBA22}" = lport=445 | protocol=6 | dir=in | app=system |
"{B6EFD90C-4396-4047-9F77-AD5829B003C9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\rpcagentsrv.exe |
"{BFC50727-42CC-4433-9D50-5FFA10C032E0}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{CA7CBD54-1277-4FC6-B258-ADAA24929BD6}" = lport=139 | protocol=6 | dir=in | app=system |
"{CFF47B21-CBC1-4D6B-8B9A-AA38DF875983}" = lport=138 | protocol=17 | dir=in | app=system |
"{D189A133-921B-4680-812B-A7186CA1985D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D30D7A08-0864-495A-963C-DB741D48AEA9}" = lport=162 | protocol=17 | dir=in | name=snmptrap |
"{D3141D24-90BB-4826-A121-B1FA4925922E}" = lport=8080 | protocol=6 | dir=in | name=tomcatwithssl |
"{D97F7DDB-1C8C-40A6-A36B-19D18558EF26}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{FB2C712D-D5E5-4078-B5D5-270A0A12B5F2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FF19BDA6-E54D-436D-AF39-C8D90A7EBE46}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FC905E-9D9E-473F-9C86-58E1F09AC0F9}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{0938FB80-4144-49EB-8143-2367E19CAFA9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{0E0E99B0-0E34-494A-AA48-D20AFF8E45F6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{10500176-15FF-4E16-9D8B-13BF0DED2F4C}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |
"{14870B34-3A12-49BB-8DA9-15010F2192DD}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{1AD8C4DD-6760-4A92-AD46-B7032DF576A1}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\rpcagentsrv.exe |
"{1BC9BE2D-8719-4CF7-8512-4AF2BF2D32A8}" = protocol=17 | dir=in | app=c:\users\emiliano bona\appdata\roaming\dropbox\bin\dropbox.exe |
"{22CFB5F8-C500-4F54-9639-4CD6DE79E5B1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{24AD2B17-607F-4476-B823-144FAA6C4D1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{2596669B-F273-449A-8010-6BC583F8E211}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |
"{342FA2F1-A5D9-45F4-AABD-C9CAB90040C6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{3E816378-1B6C-48B7-BB29-6DD28A4C200E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{4226D051-ACC3-400E-B711-2B7BB45A76A8}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{4B9BA759-2ECA-450E-B150-18007B706CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{57D93AEF-9296-4E67-94B8-CF79F4007A85}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{5A484808-9A3E-40D3-81E2-D09982D7FD83}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5C4BC674-9591-49DF-BAA7-6F0640A2F6CF}" = protocol=6 | dir=in | app=c:\users\emiliano bona\appdata\roaming\dropbox\bin\dropbox.exe |
"{604584FD-E394-4648-91EA-E27FA45639A9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe |
"{6F2D2924-B38D-48D4-B14E-7F282E6232ED}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\media manager for walkman\mediamanager.exe |
"{6F502DD5-5562-42F6-AAE9-E9647C9A7970}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7504DD6C-B80A-4424-A349-E00CA7B3B699}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{79ECECAD-4682-4D75-BF42-8B00D5E045D1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7B7A6FF6-8C28-410F-A7EE-36B93EE7FF9F}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{99A18DA1-70B2-485B-9D09-FBA58AAAC1F4}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{A3A5B8E1-BAC6-4791-B1EC-2C88319A85C4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A4AAB2E6-A437-4443-9ADA-F5B63F9647DF}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{A7BD2387-11C1-4D17-B789-59075474B4B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A9C38690-6EE0-4BF6-BBB0-477B7D4A0B47}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |
"{BF761C94-0CF4-4A64-B318-3A34089B5FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |
"{D680251A-FFDE-4656-B280-3E72E015FDA9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{DFB75267-D36B-4F61-882B-65740F22CC9B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E29C75DC-C0AA-484F-AC65-3D39D9F46C59}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{E3F255EA-6090-4029-B6B8-E5149A4CA565}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\media manager for walkman\mediamanager.exe |
"{E41C8873-825F-4F6A-A3B0-AE0BA3669F15}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{EAC7E249-F7CF-4F7C-9656-E4B44B69E131}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{EEEE2B01-F98A-47FD-BFAC-F2771D72323B}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{F4615758-E668-40E0-BC43-4CD7C90048C1}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{F776FB89-27B9-4F74-87F7-6AD067227034}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04C43AE1-5B72-487F-AC6C-6BC1AA19FE03}" = Microsoft IntelliPoint 6.2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{087BEB30-5324-4615-A097-51DB44EC5B71}" = O&O Defrag Professional Edition
"{0D90AEC3-477D-6845-FD8E-8E75BEADB0F6}" = ATI Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808" = CanoScan 5600F Scanner Driver
"{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server-Connector
"{23F108F0-BD12-A639-8C6E-BB1F7AF736C1}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416019FF}" = Java(TM) 6 Update 19 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2BF53A9A-EC11-4429-B29D-19A9276092EF}" = HP LaserJet Toolbox
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67DB4BFC-02AA-4806-B3CF-9840F29C92FA}" = Microsoft IntelliType Pro 6.2
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{692F4201-AB4C-4795-9F42-123F0601F8B7}" = LightsOut Client
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{982B2A0F-7679-41D6-A584-C8E735F4A8CD}" = Windows Home Server Toolkit 1.1
"{9A945B7E-4F69-4DDA-B14B-E4DE8446A010}" = MrvlUsgTracking64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{AA45E50C-1447-48CD-9B49-61B82ED1F95C}" = Adobe Photoshop Lightroom 2.3 64-bit
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Professional Business 2010
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D8CA28C4-54E8-454B-BD74-8EC4B97EA908}" = O&O Defrag Agent
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F2981339-823E-4C62-9C6F-6733BAEE9EF5}" = Paragon Hard Disk Manager™ 2009 Suite
"{F323676A-B911-4B57-827F-32D02DCD4971}" = HP Color LaserJet CP1210 Series Toolbox
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"B0FFC364CE14DAFAFC484A60C2BB7758BC842A8F" = Windows-Treiberpaket - Anoto AB (PayPen) Input Pen (09/28/2007 2.0.0.0)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v2.1.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0256757A-61E3-4595-9F2E-C9DAAB12410D}" = Redshift 7 Premium
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}" = Nokia Home Media Server
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{158DC053-8BFA-4991-9B85-7AC5F7CA60A0}" = Diet + Exercise Assistant Desktop
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{280ED870-1DF3-4574-A679-E2C4A8163249}_is1" = Registry System Wizard
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36D8A747-3FC1-121F-6C92-2F79A9B3172D}" = Catalyst Control Center Graphics Full New
"{36FBFDA5-E422-4C01-BA7C-C067E8ACFD90}" = SmartList To Go
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D654496-9C3D-4565-858C-3E551ECDA4E2}" = Virtual Cable Tester
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}" = Pinnacle PCI Performance Enhancer
"{3ED07A82-39A8-4D1A-BB36-23FCABD2AC9A}" = Acronis*True*Image*Echo Workstation
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{408FA92C-0766-48A1-8055-D6DFD27B7C2B}" = C-CHANNEL OnlineUpdate
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45395DE8-0081-437E-AD65-05DDD592559C}" = Garmin ANT Agent 2.2.1
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{51DEA889-E4BB-451B-B830-D94FF1C9293C}" = Beyond Contacts
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{71F17309-007D-43F9-9313-DBFBA5FCB3B3}" = LightScribe Optical Disc Kit
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77C499C8-AB66-11D5-BFC3-0050DADD1B5E}" = C-CHANNEL e-banking (PAYMAKER / NetBanking)
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7CF7C4D5-D30C-4ABA-A287-369B043087E8}" = Acronis*Universal*Restore for Acronis*True*Image*Echo*Workstation
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89D16846-7491-A3C3-89D9-006906602FA2}" = Catalyst Control Center Graphics Previews Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CD52C41-69B2-4DE6-BFA0-E82FABE5E056}" = PayPen
"{8CDCDD72-388E-0A2A-4847-873C448033EA}" = Catalyst Control Center Graphics Previews Vista
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{99B58235-E533-44CD-A099-F1A4BC50A6F0}" = ODF Add-In für Microsoft Office
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C09E3A4-850A-40B2-B94F-EBFB5349C238}" = hppusgCP1215
"{9c0f988f-f58b-4693-8903-0608067ea77a}" = Nero 9
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0276D85-660F-49AA-9574-64E83FBC0930}" = WebPAMPRO
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D831211C-EE0F-43E3-9F8C-E4832B34C18A}_is1" = M-DVD.Org V2 - "Ver. 2.5 Update"
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA21FD3F-B753-4C72-9B0B-A34CA2271E51}" = C-CHANNEL SwissMoney
"{DC3F66CA-9DFD-41EA-9D9E-FD86F1446A3D}" = Catalyst Control Center Core Implementation
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{E25BEA72-89F8-121D-5481-0347B9446673}" = ccc-core-static
"{E288FAEB-D102-0ACA-DF6A-9BD3C90FA08B}" = Catalyst Control Center HydraVision Full
"{E2FB1C9E-00C1-467E-BA75-E3FC6C4ACB3F}" = Pinnacle USB device drivers 2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E4D35928-2C24-A87E-8240-CC7E25548F52}" = Catalyst Control Center Graphics Full Existing
"{E76CDA48-6FB1-49C5-0769-7B9444664056}" = Catalyst Control Center Graphics Light
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB0F4554-AD4F-4C8C-9764-66AC2CF8D184}" = AMD OverDrive
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}" = Snagit 9.1.1
"{F2D45137-7631-4824-B285-52742329DE4B}" = Documents To Go
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F5E0B89C-AABA-639D-B6F5-C3FB085FB120}" = CCC Help English
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"{FF03F4E5-3269-459B-A5F3-DC0D7B2561FB}" = PayPen
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_14cffbe014b566bef9e9125ea146ab9" = Adobe Creative Suite 4 Master Collection
"aEton CommunicaEor" = aEton CommunicaEor
"Altap Salamander 2.52" = Altap Salamander 2.52
"ASAS Client V3" = ASAS Client V3
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EXPERTool ATI_is1" = EXPERTool ATI 4.1
"Free Download Manager_is1" = Free Download Manager 3.0
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"HijackThis" = HijackThis 2.0.2
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D0276D85-660F-49AA-9574-64E83FBC0930}" = WebPAMPRO
"InterBase 6 Client Open Edition - 6.0.1.6" = InterBase 6 Client Open Edition - 6.0.1.6
"InterBase 6 Open Edition - 6.0.1.6" = InterBase 6 Open Edition - 6.0.1.6
"JAFSetup" = JAF Setup
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.0
"LHTTSENG" = L&H TTS3000 British English
"LHTTSFRF" = L&H TTS3000 Français
"LHTTSGED" = L&H TTS3000 Deutsch
"LHTTSITI" = L&H TTS3000 Italiano
"LightsOut Client" = LightsOut Client
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"N360" = Norton 360
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.10
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"QuickPar" = QuickPar 0.9
"ratDVD" = ratDVD 0.78.1444
"Revo Uninstaller" = Revo Uninstaller 1.85
"Secunia PSI" = Secunia PSI
"TC UP" = Total Commander Ultima Prime 4.6.0.0
"TeraCopy_is1" = TeraCopy 1.22
"TomTom HOME" = TomTom HOME 2.7.3.1894
"TweakNow PowerPack Professional_is1" = TweakNow PowerPack Professional
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"UnityWebPlayer" = Unity Web Player
"VLC media player" = VLC media player 1.0.2
"vLite_is1" = vLite
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.1.1.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AI RoboForm" = AI RoboForm
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.05.2010 09:20:08 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.05.2010 09:20:14 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 16.05.2010 09:20:14 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 20.05.2010 14:06:27 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.05.2010 14:10:30 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 20.05.2010 15:03:45 | Computer Name = EmilianoBona-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 20.05.2010 16:36:20 | Computer Name = EmilianoBona-PC | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1bec Anfangszeit: 01caf85bf625b860 Zeitpunkt der Beendigung:
6
Error - 21.05.2010 04:52:16 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2010 04:55:52 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 21.05.2010 04:55:52 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
[ OSession Events ]
Error - 11.05.2009 14:20:36 | Computer Name = EmilianoBona-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.05.2010 14:04:31 | Computer Name = EmilianoBona-PC | Source = netbt | ID = 4321
Description = Der Name "EMILIANOBONA-PC:0" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.27 registriert werden. Der Computer mit IP-Adresse 192.168.178.33
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 20.05.2010 14:04:41 | Computer Name = EmilianoBona-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{CABE3416-4061-483F-950A-8C7A12DFCFE8} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 20.05.2010 14:04:41 | Computer Name = EmilianoBona-PC | Source = netbt | ID = 4321
Description = Der Name "EMILIANOBONA-PC:20" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.27 registriert werden. Der Computer mit IP-Adresse 192.168.178.33
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 20.05.2010 14:06:51 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 20.05.2010 14:08:41 | Computer Name = EmilianoBona-PC | Source = DCOM | ID = 10005
Description =
Error - 20.05.2010 14:08:41 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 20.05.2010 14:10:14 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 21.05.2010 04:49:39 | Computer Name = EmilianoBona-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 21.05.2010 04:49:39 | Computer Name = EmilianoBona-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\pclepci.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 21.05.2010 04:52:22 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
|
|
21.05.2010, 11:49
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | filelist.bat und windows version Ich wollte eigentlich einen Vollscan mit Malwarebytes sehen...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.05.2010, 16:20
| #9 |
| | filelist.bat und windows version Sorry, hier der neue Versuch mit Malwarebytes Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4121 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 21.05.2010 16:58:46 mbam-log-2010-05-21 (16-58-46).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 414338 Laufzeit: 1 Stunde(n), 10 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
21.05.2010, 16:21
| #10 |
| | filelist.bat und windows version Hier das erste Log von OTL: Code:
ATTFilter OTL logfile created on: 21.05.2010 17:14:33 - Run 2 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Emiliano Bona\Downloads 64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 59.00% Memory free 16.00 Gb Paging File | 13.00 Gb Available in Paging File | 79.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 833.86 Gb Total Space | 351.90 Gb Free Space | 42.20% Space Free | Partition Type: NTFS Drive D: | 2793.84 Gb Total Space | 902.50 Gb Free Space | 32.30% Space Free | Partition Type: NTFS Drive E: | 2048.00 Gb Total Space | 1001.14 Gb Free Space | 48.88% Space Free | Partition Type: NTFS F: Drive not present or media not loaded Drive G: | 465.76 Gb Total Space | 461.38 Gb Free Space | 99.06% Space Free | Partition Type: NTFS H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: EMILIANOBONA-PC Current User Name: Emiliano Bona Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Emiliano Bona\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems) PRC - C:\Users\Emiliano Bona\AppData\Roaming\Dropbox\bin\Dropbox.exe () PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe () PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) PRC - C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia) PRC - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.) PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\bgasched.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\swmgtd.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\prevtlogd.exe () PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - C:\Program Files (x86)\ASUS\AASP\1.00.68\aaCenter.exe () PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.) PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe () PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\PayPen.exe (Anoto AB) PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\CPenOCR.exe () PRC - C:\Program Files (x86)\C-CHANNEL\PayPen\CPenDesk.exe (Anoto AB) PRC - C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe () PRC - C:\Windows\SysWOW64\PSIService.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\cimserver.exe () PRC - C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin\tomcat5.exe (Apache Software Foundation) PRC - C:\PROGRA~2\Borland\INTERB~1\Bin\ibguard.exe (Inprise Corporation) PRC - C:\PROGRA~2\Borland\INTERB~1\Bin\ibserver.exe (Inprise Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Emiliano Bona\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (arXfrSvc) -- C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe (Microsoft Corporation) SRV:64bit: - (WHSConnector) -- C:\Program Files\Windows Home Server\WHSConnector.exe (Microsoft Corporation) SRV:64bit: - (esClient) -- C:\Program Files\Windows Home Server\esClient.exe (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation) SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.) SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation) SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation) SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation) SRV:64bit: - (LoClntService) -- C:\Program Files\Windows Home Server\LightsOutClientService.exe (AxoNet Software GmbH) SRV:64bit: - (O&O Defrag) -- C:\Windows\SysNative\oodag.exe (O&O Software GmbH) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (Fax) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2010\RpcAgentSrv.exe (SiSoftware) SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe (Symantec Corporation) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe () SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (TwonkyMedia) -- C:\Program Files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe (PacketVideo) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (slpreg) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpreg.exe () SRV - (Promise Service Management) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\swmgtd.exe () SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.) SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (Adobe Version Cue CS4) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated) SRV - (SLP) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe () SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () SRV - (EPGService) -- C:\PROGRA~2\WinTV\EPG Services\System\EPGService.exe (Hauppauge Computer Works) SRV - (ProtexisLicensing) -- C:\Windows\SysWOW64\PSIService.exe () SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 15:34:14 | 000,000,000 | ---D | M] SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () SRV - (PegasusCIMOMAgent) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\cimserver.exe () SRV - (Tomcat) -- C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin\tomcat5.exe (Apache Software Foundation) ========== Driver Services (SafeList) ========== DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia) DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\ccHPx64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SRTSP64.SYS (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SYMEFA64.SYS (Symantec Corporation) DRV:64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\BHDrvx64.sys (Symantec Corporation) DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMTDI.SYS (Symantec Corporation) DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMFW.SYS (Symantec Corporation) DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMNDISV.SYS (Symantec Corporation) DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SRTSPX64.SYS (Symantec Corporation) DRV:64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation) DRV:64bit: - (PSI) -- C:\Windows\SysNative\DRIVERS\psi_mf.sys (Secunia) DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys () DRV:64bit: - (fvevol) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation) DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis) DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis) DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\DRIVERS\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\DRIVERS\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (UimBus) -- C:\Windows\SysNative\DRIVERS\uimx64.sys (Windows (R) 2000 DDK provider) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys (Logitech, Inc.) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia) DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\DRIVERS\hotcore3.sys (Paragon Software Group) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\DRIVERS\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\DRIVERS\wimfltr.sys (Microsoft Corporation) DRV:64bit: - (PayPen) -- C:\Windows\SysNative\Drivers\PayPen.sys () DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\DRIVERS\mv61xx.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works) DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories) DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\DRIVERS\point64k.sys (Microsoft Corporation) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\DRIVERS\ser2pl64.sys (Prolific Technology Inc.) DRV:64bit: - (CLBStor) -- C:\Windows\SysNative\DRIVERS\CLBStor.sys (Cyberlink Co.,Ltd.) DRV:64bit: - (CLBUDF) -- C:\Windows\SysNative\drivers\CLBUDF.sys (CyberLink Corporation.) DRV:64bit: - (PinnacleMarvinAVS) -- C:\Windows\SysNative\DRIVERS\MarvinAVS64.sys (Pinnacle a division of Avid Technology, Inc.) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys () DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\DRIVERS\MarvinBus64.sys (Pinnacle Systems GmbH) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.039\EX64.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100520.039\ENG64.SYS (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSviA64.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Professional Business 2010\WNt500x64\sandra.sys (SiSoftware) DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.) DRV - (CSC) -- C:\Windows\CSC [2009.02.10 21:44:46 | 000,000,000 | ---D | M] DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.) DRV - (adfs) -- C:\Windows\SysWOW64\drivers\adfs.sys (Adobe Systems, Inc.) DRV - (pendfu) PenDfu (pendfu.sys) -- C:\Windows\SysWOW64\drivers\pendfu.sys (Anoto AB) DRV - (WimFltr) -- C:\Programme\Windows Imaging\wimfltr.inf () DRV - (AsIO) -- C:\Windows\SysWOW64\drivers\AsIO.sys () DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (VD_FileDisk) -- C:\Windows\SysWOW64\drivers\vd_filedisk.sys (Flint Incorporation) DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl () DRV - (PCLEPCI) -- C:\Windows\SysWOW64\drivers\PCLEPCI.sys (Pinnacle Systems GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, Lifestyle, Unterhaltung, Reisen, News, Sport und vieles mehr auf msn.ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1F 6F 78 27 27 F4 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.6.14 FF - prefs.js..extensions.enabledItems: locationbar2@design-noir.de:1.0.5 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.77 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98 FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.11.14 20:13:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010.05.02 10:58:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.28 11:56:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.03 16:56:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.24 18:31:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.28 11:56:42 | 000,000,000 | ---D | M] [2009.04.04 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Extensions [2009.04.04 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010.05.20 21:03:48 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions [2010.05.13 17:37:17 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010.05.02 12:26:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.05.20 21:03:43 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.05.13 17:37:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.04.11 16:02:04 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\DTToolbar@toolbarnet.com [2010.04.24 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\foxmarks@kei.com [2010.03.07 16:06:19 | 000,000,000 | ---D | M] -- C:\Users\Emiliano Bona\AppData\Roaming\mozilla\Firefox\Profiles\9lqntu9d.default\extensions\locationbar2@design-noir.de [2009.06.02 20:08:18 | 000,002,399 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Roaming\Mozilla\FireFox\Profiles\9lqntu9d.default\searchplugins\daemon-search.xml [2010.05.21 10:51:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.04.24 18:31:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.24 13:32:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.24 13:32:21 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.24 13:32:21 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.24 13:32:21 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.24 13:32:21 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.05.24 18:43:05 | 000,292,466 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 Proben bei 1000Gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 10072 more lines... O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll () O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3:64bit: - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [HPUsageTracking] File not found O4:64bit: - HKLM..\Run: [OODefragTray] C:\Windows\SysNative\oodtray.exe (O&O Software GmbH) O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.) O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe () O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [PCLEPCI] C:\Programme\Pinnacle\PPE\PPE.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found O4 - Startup: C:\Users\Emiliano Bona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Emiliano Bona\AppData\Roaming\Dropbox\bin\Dropbox.exe () O4 - Startup: C:\Users\Emiliano Bona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IBAffinity.lnk = C:\Programme\CT\CTStudio5\IBAffinity.bat File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:64bit: - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8:64bit: - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:64bit: - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: maris.com ([www.redshift] http in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab (HPSDDX Class) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll (Symantec Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis) O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{02ddab8d-f7ab-11dd-8584-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{02ddab8d-f7ab-11dd-8584-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\tools\shelexec.exe html\index.htm -- File not found O33 - MountPoints2\{4186dc0c-f877-11dd-990b-0023544281ec}\Shell - "" = AutoRun O33 - MountPoints2\{4186dc0c-f877-11dd-990b-0023544281ec}\Shell\AutoRun\command - "" = X:\autorun.exe -- File not found O33 - MountPoints2\{490d10e1-faaf-11dd-b538-005056c00008}\Shell\AutoRun\command - "" = H:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{490d10e1-faaf-11dd-b538-005056c00008}\Shell\RoboForm2Go\command - "" = H:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{627fc0b2-f9f7-11dd-b128-005056c00008}\Shell\AutoRun\command - "" = G:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{627fc0b2-f9f7-11dd-b128-005056c00008}\Shell\RoboForm2Go\command - "" = G:\PortableRoboForm.exe -- File not found O33 - MountPoints2\{e16115e9-4f9f-11de-8fec-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{e16115e9-4f9f-11de-8fec-005056c00008}\Shell\AutoRun\command - "" = F:\Welcome\Welcome.exe -- File not found O33 - MountPoints2\{e39c42b8-0ef2-11de-937c-005056c00008}\Shell\AutoRun\command - "" = PortableRoboForm.exe O33 - MountPoints2\{e39c42b8-0ef2-11de-937c-005056c00008}\Shell\RoboForm2Go\command - "" = PortableRoboForm.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (OODBS) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.20 21:38:12 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\Malwarebytes [2010.05.20 21:38:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.05.20 21:38:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.05.20 21:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.05.20 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.05.16 14:29:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Altap Salamander 2.5 [2010.05.16 14:13:05 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Desktop\avenger [2010.05.16 12:43:54 | 000,000,000 | ---D | C] -- C:\escan [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe [2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe [2010.05.16 11:46:26 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll [2010.05.16 11:46:25 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll [2010.05.16 11:46:24 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe [2010.05.16 11:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MicroWorld [2010.05.16 11:46:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld [2010.05.14 19:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010.05.14 19:13:42 | 000,038,456 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys [2010.05.14 19:06:22 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2010.05.14 19:05:51 | 001,814,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2010.05.14 19:05:51 | 001,631,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2010.05.14 19:05:51 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010.05.14 19:05:51 | 000,369,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll [2010.05.14 19:05:51 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2010.05.14 19:05:51 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2010.05.14 19:05:51 | 000,231,328 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2010.05.14 19:05:51 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll [2010.05.14 19:05:51 | 000,095,432 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll [2010.05.14 19:05:51 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll [2010.05.14 19:05:51 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2010.05.14 19:05:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010.05.14 19:03:34 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.05.14 19:03:34 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.05.14 19:03:34 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.05.14 19:03:34 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.05.14 19:03:33 | 001,503,232 | ---- | C] (Creative) -- C:\Windows\SysWow64\adi_oal.dll [2010.05.14 19:03:32 | 001,828,352 | ---- | C] (Creative) -- C:\Windows\SysNative\adi_oal.dll [2010.05.14 18:23:16 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\DriverGenius [2010.05.14 18:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft [2010.05.14 18:05:12 | 000,000,000 | ---D | C] -- C:\Studio Vista Installer [2010.05.14 14:17:40 | 000,000,000 | ---D | C] -- C:\Programme\Pinnacle [2010.05.14 14:16:38 | 000,014,564 | ---- | C] (Pinnacle Systems GmbH) -- C:\Windows\SysWow64\drivers\PCLEPCI.sys [2010.05.14 14:14:03 | 000,041,219 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysWow64\RSETPATH.exe [2010.05.14 14:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle Systems [2010.05.13 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Local\QuickPar [2010.05.13 17:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar [2010.05.13 17:05:01 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\CommunicaEtor [2010.05.13 17:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CommunicaEtor [2010.05.09 15:14:38 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\CPR [2010.04.25 12:46:35 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Roaming\DivX [2010.04.25 12:46:28 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\AppData\Local\Pinnacle [2010.04.25 12:46:25 | 000,000,000 | ---D | C] -- C:\Users\Emiliano Bona\Documents\Pinnacle Studio [2010.04.25 12:44:11 | 000,484,736 | ---- | C] (Pinnacle a division of Avid Technology, Inc.) -- C:\Windows\SysNative\drivers\MarvinAVS64.sys [2010.04.25 12:44:11 | 000,200,704 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysWow64\MarvinUsb.ax [2010.04.25 12:44:11 | 000,070,656 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysNative\PCLECoInst64.dll [2010.04.25 12:44:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle [2010.04.25 12:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate Collection [2010.04.25 12:41:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo! [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14 [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle [2010.04.25 12:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging [2010.04.24 18:31:30 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010.04.24 18:31:30 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.04.24 18:31:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.04.24 18:31:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Users\Emiliano Bona\*.tmp files -> C:\Users\Emiliano Bona\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.05.21 17:14:13 | 004,718,592 | ---- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT [2010.05.21 16:28:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.05.21 15:47:42 | 001,692,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.21 15:47:42 | 000,718,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.21 15:47:42 | 000,674,356 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.21 15:47:42 | 000,165,424 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.21 15:47:42 | 000,136,806 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.21 15:44:25 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2010.05.21 15:42:33 | 000,000,680 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Local\d3d9caps.dat [2010.05.21 15:38:33 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.05.21 15:38:17 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.21 15:38:17 | 000,003,840 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.21 15:38:08 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.21 15:37:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.21 15:37:34 | 000,220,921 | ---- | M] () -- C:\Windows\SysNative\oodbs.lor [2010.05.21 15:33:33 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.21 15:33:33 | 000,065,536 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TM.blf [2010.05.21 15:33:30 | 006,291,456 | -H-- | M] () -- C:\Users\Emiliano Bona\AppData\Local\IconCache.db [2010.05.21 12:41:43 | 000,146,944 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.21 12:31:59 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2010.05.21 11:39:15 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D8B0EC7-EF9B-402F-BE31-F071A79F092F}.job [2010.05.20 21:38:05 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.16 14:33:21 | 000,000,600 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Roaming\winscp.rnd [2010.05.16 14:29:32 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Salamander 2.52.lnk [2010.05.16 12:43:44 | 000,191,647 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\pinfect.zip [2010.05.16 11:49:43 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx [2010.05.16 11:46:25 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr80.dll [2010.05.16 11:46:24 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp80.dll [2010.05.16 11:46:23 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\SysWow64\eEmpty.exe [2010.05.16 09:28:45 | 003,129,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.05.15 17:09:50 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000002.regtrans-ms [2010.05.15 12:58:36 | 000,524,288 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{cd363b38-f2f8-11de-9f8c-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.15 12:58:36 | 000,065,536 | -HS- | M] () -- C:\Users\Emiliano Bona\NTUSER.DAT{cd363b38-f2f8-11de-9f8c-005056c00008}.TM.blf [2010.05.15 12:36:05 | 000,020,460 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\cc_20100515_123559.reg [2010.05.15 12:32:47 | 000,001,724 | ---- | M] () -- C:\Users\Emiliano Bona\Desktop\CCleaner.lnk [2010.05.14 21:01:56 | 000,153,928 | ---- | M] () -- C:\Users\Emiliano Bona\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.14 21:01:34 | 001,697,752 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.05.14 21:01:15 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Player.lnk [2010.05.14 19:05:51 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010.05.14 19:03:34 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2010.05.14 19:03:34 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2010.05.14 19:03:34 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2010.05.14 19:03:34 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2010.05.14 18:21:06 | 000,000,946 | ---- | M] () -- C:\Users\Emiliano Bona\Desktop\Driver Genius Professional Edition.lnk [2010.05.09 15:48:56 | 018,499,623 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\vlc-1.0.5-win32.exe [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.04.29 12:19:14 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.04.25 12:41:39 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Users\Emiliano Bona\*.tmp files -> C:\Users\Emiliano Bona\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.05.21 15:42:33 | 000,000,680 | ---- | C] () -- C:\Users\Emiliano Bona\AppData\Local\d3d9caps.dat [2010.05.20 21:38:05 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.16 14:40:00 | 000,002,270 | ---- | C] () -- C:\Users\Emiliano Bona\Desktop\filelist.bat [2010.05.16 14:33:21 | 000,000,600 | ---- | C] () -- C:\Users\Emiliano Bona\AppData\Roaming\winscp.rnd [2010.05.16 14:29:32 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Salamander 2.52.lnk [2010.05.16 12:43:44 | 000,191,647 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\pinfect.zip [2010.05.16 11:46:45 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx [2010.05.16 11:46:24 | 000,000,522 | ---- | C] () -- C:\Windows\SysWow64\Microsoft.VC80.CRT.manifest [2010.05.15 13:01:20 | 000,524,288 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000002.regtrans-ms [2010.05.15 13:01:20 | 000,524,288 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TMContainer00000000000000000001.regtrans-ms [2010.05.15 13:01:20 | 000,065,536 | -HS- | C] () -- C:\Users\Emiliano Bona\NTUSER.DAT{509615dd-600b-11df-930e-005056c00008}.TM.blf [2010.05.15 12:36:03 | 000,020,460 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\cc_20100515_123559.reg [2010.05.14 21:01:15 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Player.lnk [2010.05.14 18:21:06 | 000,000,946 | ---- | C] () -- C:\Users\Emiliano Bona\Desktop\Driver Genius Professional Edition.lnk [2010.05.09 15:48:22 | 018,499,623 | ---- | C] () -- C:\Users\Emiliano Bona\Documents\vlc-1.0.5-win32.exe [2010.04.25 12:41:39 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [2010.04.25 12:37:23 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI [2009.05.29 20:40:11 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.05.29 20:39:45 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.05.19 19:55:06 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI [2009.03.15 22:17:00 | 000,000,240 | ---- | C] () -- C:\Windows\CCPen200.ini [2009.03.04 07:59:42 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.03.04 07:59:40 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2009.03.04 07:59:40 | 002,255,360 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2009.03.04 07:59:40 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009.03.04 07:59:40 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009.03.04 07:59:38 | 000,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.03.04 07:59:38 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2009.02.18 18:47:05 | 003,076,141 | ---- | C] () -- C:\Windows\SysWow64\msowc.dll [2009.02.12 20:29:45 | 001,697,752 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.02.11 21:36:51 | 000,000,008 | RHS- | C] () -- C:\Windows\SysWow64\3C03C601C5.sys [2009.02.11 21:36:50 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys [2009.02.11 21:26:37 | 000,000,396 | ---- | C] () -- C:\Windows\lgfwup.ini [2009.02.11 17:15:56 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI [2009.02.11 17:15:15 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI [2009.02.11 17:15:14 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\hcwChDB.dll [2009.02.11 17:15:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\dmcrypto.dll [2009.02.11 17:14:38 | 000,003,769 | ---- | C] () -- C:\Windows\HCWPNP.INI [2009.02.11 14:42:08 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2009.02.11 14:42:08 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2009.02.11 14:42:06 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2009.02.11 14:42:06 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2009.02.10 22:01:15 | 000,033,160 | ---- | C] () -- C:\Windows\Ascd_log.ini [2009.02.10 22:00:49 | 000,032,179 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.02.07 10:05:18 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\hppatusg01.dll [2008.01.21 04:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2001.08.29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:DB849A154DA21BC9 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:CB0AACC9 < End of report > |
|
21.05.2010, 16:23
| #11 |
| | filelist.bat und windows version Hier das zweite Log von OTL: Code:
ATTFilter OTL Extras logfile created on: 21.05.2010 17:14:33 - Run 2
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Emiliano Bona\Downloads
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 59.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 833.86 Gb Total Space | 351.90 Gb Free Space | 42.20% Space Free | Partition Type: NTFS
Drive D: | 2793.84 Gb Total Space | 902.50 Gb Free Space | 32.30% Space Free | Partition Type: NTFS
Drive E: | 2048.00 Gb Total Space | 1001.14 Gb Free Space | 48.88% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 465.76 Gb Total Space | 461.38 Gb Free Space | 99.06% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: EMILIANOBONA-PC
Current User Name: Emiliano Bona
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = 3B F6 80 5C 91 E0 C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 0
"UacDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033B7AD4-20F6-4AC0-BF54-353468DB32F9}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{2499DFC3-590C-4ED3-AF7D-6941CB39F02C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2CF0FAA2-26F6-434B-A9CC-0D836B7ADB5C}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{2D40C7F9-B3F8-4897-B62D-58151A7B02CB}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{3CE8553C-6FA9-4770-BFD3-A060B3563692}" = lport=9050 | protocol=6 | dir=in | name=tomcateventlisten |
"{404CDB32-37F7-4CBC-BC19-22DFD8CD4CF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{454453B4-26B2-442C-BBCE-CA26144EF3DC}" = lport=161 | protocol=17 | dir=in | name=snmpagent |
"{4EB90740-6BB2-4A3F-BABD-65B5A4515D4D}" = lport=8443 | protocol=6 | dir=in | name=tomcatwithnonssl |
"{56B9C356-BD9D-4358-B224-017A8E4E6CCF}" = lport=5988 | protocol=6 | dir=in | name=cimserver |
"{5959D97D-DE78-4998-A3C8-4EEC94281619}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5F4AA986-E402-45D0-A9F3-0C604B472088}" = rport=445 | protocol=6 | dir=out | app=system |
"{69F43F3A-3708-4AD8-B18D-89E23726DAAF}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{8111B462-8EAE-409A-B87A-6251AC369793}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{8D6DC33A-23CA-4FE1-A30A-E9E39CBF92BA}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B2AD83E-D558-4DF9-8A5B-5268E557CC65}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{B2876513-60B5-4124-95CD-B4BCD4FA2CC8}" = rport=138 | protocol=17 | dir=out | app=system |
"{B2E91030-3CBD-4DAD-A8C1-099D8D1E1F84}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B57BEB94-1308-442A-B42A-2C53EADFBA22}" = lport=445 | protocol=6 | dir=in | app=system |
"{B6EFD90C-4396-4047-9F77-AD5829B003C9}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\rpcagentsrv.exe |
"{BFC50727-42CC-4433-9D50-5FFA10C032E0}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{CA7CBD54-1277-4FC6-B258-ADAA24929BD6}" = lport=139 | protocol=6 | dir=in | app=system |
"{CFF47B21-CBC1-4D6B-8B9A-AA38DF875983}" = lport=138 | protocol=17 | dir=in | app=system |
"{D189A133-921B-4680-812B-A7186CA1985D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D30D7A08-0864-495A-963C-DB741D48AEA9}" = lport=162 | protocol=17 | dir=in | name=snmptrap |
"{D3141D24-90BB-4826-A121-B1FA4925922E}" = lport=8080 | protocol=6 | dir=in | name=tomcatwithssl |
"{D97F7DDB-1C8C-40A6-A36B-19D18558EF26}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{FB2C712D-D5E5-4078-B5D5-270A0A12B5F2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FF19BDA6-E54D-436D-AF39-C8D90A7EBE46}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2009.sp2\wnt500x64\rpcsandrasrv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FC905E-9D9E-473F-9C86-58E1F09AC0F9}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{0938FB80-4144-49EB-8143-2367E19CAFA9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{0E0E99B0-0E34-494A-AA48-D20AFF8E45F6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{10500176-15FF-4E16-9D8B-13BF0DED2F4C}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |
"{14870B34-3A12-49BB-8DA9-15010F2192DD}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{1AD8C4DD-6760-4A92-AD46-B7032DF576A1}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\rpcagentsrv.exe |
"{1BC9BE2D-8719-4CF7-8512-4AF2BF2D32A8}" = protocol=17 | dir=in | app=c:\users\emiliano bona\appdata\roaming\dropbox\bin\dropbox.exe |
"{22CFB5F8-C500-4F54-9639-4CD6DE79E5B1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{24AD2B17-607F-4476-B823-144FAA6C4D1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{2596669B-F273-449A-8010-6BC583F8E211}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |
"{342FA2F1-A5D9-45F4-AABD-C9CAB90040C6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{3E816378-1B6C-48B7-BB29-6DD28A4C200E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{4226D051-ACC3-400E-B711-2B7BB45A76A8}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{4B9BA759-2ECA-450E-B150-18007B706CE1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\rm.exe |
"{57D93AEF-9296-4E67-94B8-CF79F4007A85}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{5A484808-9A3E-40D3-81E2-D09982D7FD83}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5C4BC674-9591-49DF-BAA7-6F0640A2F6CF}" = protocol=6 | dir=in | app=c:\users\emiliano bona\appdata\roaming\dropbox\bin\dropbox.exe |
"{604584FD-E394-4648-91EA-E27FA45639A9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe |
"{6F2D2924-B38D-48D4-B14E-7F282E6232ED}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\media manager for walkman\mediamanager.exe |
"{6F502DD5-5562-42F6-AAE9-E9647C9A7970}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7504DD6C-B80A-4424-A349-E00CA7B3B699}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{79ECECAD-4682-4D75-BF42-8B00D5E045D1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7B7A6FF6-8C28-410F-A7EE-36B93EE7FF9F}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{99A18DA1-70B2-485B-9D09-FBA58AAAC1F4}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\umi.exe |
"{A3A5B8E1-BAC6-4791-B1EC-2C88319A85C4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A4AAB2E6-A437-4443-9ADA-F5B63F9647DF}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{A7BD2387-11C1-4D17-B789-59075474B4B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A9C38690-6EE0-4BF6-BBB0-477B7D4A0B47}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |
"{BF761C94-0CF4-4A64-B318-3A34089B5FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |
"{D680251A-FFDE-4656-B280-3E72E015FDA9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{DFB75267-D36B-4F61-882B-65740F22CC9B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E29C75DC-C0AA-484F-AC65-3D39D9F46C59}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{E3F255EA-6090-4029-B6B8-E5149A4CA565}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\media manager for walkman\mediamanager.exe |
"{E41C8873-825F-4F6A-A3B0-AE0BA3669F15}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{EAC7E249-F7CF-4F7C-9656-E4B44B69E131}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{EEEE2B01-F98A-47FD-BFAC-F2771D72323B}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra professional business 2010\wnt500x64\rpcsandrasrv.exe |
"{F4615758-E668-40E0-BC43-4CD7C90048C1}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 14\programs\studio.exe |
"{F776FB89-27B9-4F74-87F7-6AD067227034}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04C43AE1-5B72-487F-AC6C-6BC1AA19FE03}" = Microsoft IntelliPoint 6.2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{087BEB30-5324-4615-A097-51DB44EC5B71}" = O&O Defrag Professional Edition
"{0D90AEC3-477D-6845-FD8E-8E75BEADB0F6}" = ATI Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808" = CanoScan 5600F Scanner Driver
"{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server-Connector
"{23F108F0-BD12-A639-8C6E-BB1F7AF736C1}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416019FF}" = Java(TM) 6 Update 19 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2BF53A9A-EC11-4429-B29D-19A9276092EF}" = HP LaserJet Toolbox
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{67DB4BFC-02AA-4806-B3CF-9840F29C92FA}" = Microsoft IntelliType Pro 6.2
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{692F4201-AB4C-4795-9F42-123F0601F8B7}" = LightsOut Client
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{982B2A0F-7679-41D6-A584-C8E735F4A8CD}" = Windows Home Server Toolkit 1.1
"{9A945B7E-4F69-4DDA-B14B-E4DE8446A010}" = MrvlUsgTracking64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{AA45E50C-1447-48CD-9B49-61B82ED1F95C}" = Adobe Photoshop Lightroom 2.3 64-bit
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Professional Business 2010
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1EF69B7-7A97-40FC-9AF1-6D6656FF874F}" = ATI AVIVO64 Codecs
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D8CA28C4-54E8-454B-BD74-8EC4B97EA908}" = O&O Defrag Agent
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F2981339-823E-4C62-9C6F-6733BAEE9EF5}" = Paragon Hard Disk Manager™ 2009 Suite
"{F323676A-B911-4B57-827F-32D02DCD4971}" = HP Color LaserJet CP1210 Series Toolbox
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"B0FFC364CE14DAFAFC484A60C2BB7758BC842A8F" = Windows-Treiberpaket - Anoto AB (PayPen) Input Pen (09/28/2007 2.0.0.0)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v2.1.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0256757A-61E3-4595-9F2E-C9DAAB12410D}" = Redshift 7 Premium
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{0EEB3C40-2A8C-4045-B3F9-13C4A5C490C0}" = Nokia Home Media Server
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{158DC053-8BFA-4991-9B85-7AC5F7CA60A0}" = Diet + Exercise Assistant Desktop
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{280ED870-1DF3-4574-A679-E2C4A8163249}_is1" = Registry System Wizard
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{36D8A747-3FC1-121F-6C92-2F79A9B3172D}" = Catalyst Control Center Graphics Full New
"{36FBFDA5-E422-4C01-BA7C-C067E8ACFD90}" = SmartList To Go
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D654496-9C3D-4565-858C-3E551ECDA4E2}" = Virtual Cable Tester
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E5A81BA-4702-490A-B729-0BFF6E7CBF96}" = Pinnacle PCI Performance Enhancer
"{3ED07A82-39A8-4D1A-BB36-23FCABD2AC9A}" = Acronis*True*Image*Echo Workstation
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{408FA92C-0766-48A1-8055-D6DFD27B7C2B}" = C-CHANNEL OnlineUpdate
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45395DE8-0081-437E-AD65-05DDD592559C}" = Garmin ANT Agent 2.2.1
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2D7DE-0EEE-4411-8283-16BAAECF2079}" = Media Manager for WALKMAN 1.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{51DEA889-E4BB-451B-B830-D94FF1C9293C}" = Beyond Contacts
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{71F17309-007D-43F9-9313-DBFBA5FCB3B3}" = LightScribe Optical Disc Kit
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77C499C8-AB66-11D5-BFC3-0050DADD1B5E}" = C-CHANNEL e-banking (PAYMAKER / NetBanking)
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7CF7C4D5-D30C-4ABA-A287-369B043087E8}" = Acronis*Universal*Restore for Acronis*True*Image*Echo*Workstation
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89D16846-7491-A3C3-89D9-006906602FA2}" = Catalyst Control Center Graphics Previews Common
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CD52C41-69B2-4DE6-BFA0-E82FABE5E056}" = PayPen
"{8CDCDD72-388E-0A2A-4847-873C448033EA}" = Catalyst Control Center Graphics Previews Vista
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{99B58235-E533-44CD-A099-F1A4BC50A6F0}" = ODF Add-In für Microsoft Office
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C09E3A4-850A-40B2-B94F-EBFB5349C238}" = hppusgCP1215
"{9c0f988f-f58b-4693-8903-0608067ea77a}" = Nero 9
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}" = Express Gate
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B095B0A4-50A5-46D7-9988-D038FEB040C0}" = Adobe Encore CS4 Library
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0276D85-660F-49AA-9574-64E83FBC0930}" = WebPAMPRO
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D831211C-EE0F-43E3-9F8C-E4832B34C18A}_is1" = M-DVD.Org V2 - "Ver. 2.5 Update"
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA21FD3F-B753-4C72-9B0B-A34CA2271E51}" = C-CHANNEL SwissMoney
"{DC3F66CA-9DFD-41EA-9D9E-FD86F1446A3D}" = Catalyst Control Center Core Implementation
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{E25BEA72-89F8-121D-5481-0347B9446673}" = ccc-core-static
"{E288FAEB-D102-0ACA-DF6A-9BD3C90FA08B}" = Catalyst Control Center HydraVision Full
"{E2FB1C9E-00C1-467E-BA75-E3FC6C4ACB3F}" = Pinnacle USB device drivers 2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E4D35928-2C24-A87E-8240-CC7E25548F52}" = Catalyst Control Center Graphics Full Existing
"{E76CDA48-6FB1-49C5-0769-7B9444664056}" = Catalyst Control Center Graphics Light
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB0F4554-AD4F-4C8C-9764-66AC2CF8D184}" = AMD OverDrive
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F20A984B-9B30-4A9E-A3AC-918AF0D85A48}" = Snagit 9.1.1
"{F2D45137-7631-4824-B285-52742329DE4B}" = Documents To Go
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F5E0B89C-AABA-639D-B6F5-C3FB085FB120}" = CCC Help English
"{F600CCF3-9C88-4A22-B0B4-DDA82E997118}" = Adobe After Effects CS4 Template Projects & Footage
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"{FF03F4E5-3269-459B-A5F3-DC0D7B2561FB}" = PayPen
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_14cffbe014b566bef9e9125ea146ab9" = Adobe Creative Suite 4 Master Collection
"aEton CommunicaEor" = aEton CommunicaEor
"Altap Salamander 2.52" = Altap Salamander 2.52
"ASAS Client V3" = ASAS Client V3
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CrystalDiskInfo_is1" = CrystalDiskInfo 3.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EXPERTool ATI_is1" = EXPERTool ATI 4.1
"Free Download Manager_is1" = Free Download Manager 3.0
"Google Updater" = Google Updater
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"HijackThis" = HijackThis 2.0.2
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Ulead Burn.Now 4.5 SE
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D0276D85-660F-49AA-9574-64E83FBC0930}" = WebPAMPRO
"InterBase 6 Client Open Edition - 6.0.1.6" = InterBase 6 Client Open Edition - 6.0.1.6
"InterBase 6 Open Edition - 6.0.1.6" = InterBase 6 Open Edition - 6.0.1.6
"JAFSetup" = JAF Setup
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.7.0
"LHTTSENG" = L&H TTS3000 British English
"LHTTSFRF" = L&H TTS3000 Français
"LHTTSGED" = L&H TTS3000 Deutsch
"LHTTSITI" = L&H TTS3000 Italiano
"LightsOut Client" = LightsOut Client
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaMonkey_is1" = MediaMonkey 3.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"N360" = Norton 360
"Nero - Burning Rom!UninstallKey" = Nero 6 Demo
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.10
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"QuickPar" = QuickPar 0.9
"ratDVD" = ratDVD 0.78.1444
"Revo Uninstaller" = Revo Uninstaller 1.85
"Secunia PSI" = Secunia PSI
"TC UP" = Total Commander Ultima Prime 4.6.0.0
"TeraCopy_is1" = TeraCopy 1.22
"TomTom HOME" = TomTom HOME 2.7.3.1894
"TweakNow PowerPack Professional_is1" = TweakNow PowerPack Professional
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"UnityWebPlayer" = Unity Web Player
"VLC media player" = VLC media player 1.0.2
"vLite_is1" = vLite
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.1.1.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AI RoboForm" = AI RoboForm
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.05.2010 14:06:27 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.05.2010 14:10:30 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 20.05.2010 15:03:45 | Computer Name = EmilianoBona-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 20.05.2010 16:36:20 | Computer Name = EmilianoBona-PC | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1bec Anfangszeit: 01caf85bf625b860 Zeitpunkt der Beendigung:
6
Error - 21.05.2010 04:52:16 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
Error - 21.05.2010 04:55:52 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 21.05.2010 04:55:52 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 21.05.2010 09:40:53 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 21.05.2010 09:40:53 | Computer Name = EmilianoBona-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen bereits aktiven Komponentenversion. Die widersprüchlichen
Komponenten sind: Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Error - 21.05.2010 09:42:05 | Computer Name = EmilianoBona-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 11.05.2009 14:20:36 | Computer Name = EmilianoBona-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.05.2010 04:52:22 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 21.05.2010 08:16:41 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 21.05.2010 09:37:16 | Computer Name = EmilianoBona-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 21.05.2010 09:37:16 | Computer Name = EmilianoBona-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\pclepci.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 21.05.2010 09:42:06 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.05.2010 09:42:06 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.05.2010 09:42:06 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.05.2010 09:42:06 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.05.2010 09:42:06 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.05.2010 09:42:15 | Computer Name = EmilianoBona-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
Besten Dank Emiliano |
|
21.05.2010, 19:15
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | filelist.bat und windows version Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Falls Du "WebPAMPRO" kennst und brauchst, führ das Script nicht aus!! Code:
ATTFilter :OTL
PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\bgasched.exe ()
PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\swmgtd.exe ()
PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\prevtlogd.exe ()
PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe ()
PRC - C:\Program Files (x86)\WebPAMPRO\Agent\bin\cimserver.exe ()
SRV - (slpreg) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpreg.exe ()
SRV - (SLP) -- C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe ()
DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl ()
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\runouce.exe
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.05.16 11:49:43 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2010.05.16 12:43:44 | 000,191,647 | ---- | M] () -- C:\Users\Emiliano Bona\Documents\pinfect.zip
[2009.02.11 21:36:51 | 000,000,008 | RHS- | C] () -- C:\Windows\SysWow64\3C03C601C5.sys
[2009.02.11 21:36:50 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
:Files
C:\Program Files (x86)\WebPAMPRO
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.05.2010, 22:16
| #13 |
| | filelist.bat und windows version Hier das Logfile nach dem Fix: All processes killed ========== OTL ========== No active process named Program Files was found! No active process named Program Files was found! No active process named Program Files was found! No active process named Program Files was found! No active process named Program Files was found! Service slpreg stopped successfully! Service slpreg deleted successfully! C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpreg.exe moved successfully. Service SLP stopped successfully! Service SLP deleted successfully! C:\Program Files (x86)\WebPAMPRO\Agent\bin\slpd.exe moved successfully. Error: Unable to stop service CLBUDF! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CLBUDF deleted successfully. C:\Windows\CLBUDF.tbl moved successfully. C:\Windows\VDLL.DLL folder moved successfully. C:\Windows\SysWow64\runouce.exe folder moved successfully. C:\Windows\rundll16.exe folder moved successfully. C:\Windows\RUNDL132.EXE folder moved successfully. C:\Windows\logo1_.exe folder moved successfully. C:\Windows\logo_1.exe folder moved successfully. C:\Users\Emiliano Bona\Documents\pinfect.zip moved successfully. C:\Windows\SysWOW64\3C03C601C5.sys moved successfully. C:\Windows\SysWOW64\KGyGaAvL.sys moved successfully. ========== FILES ========== C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise\org\apache\jsp\mseries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise\org\apache\jsp\html folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise\org\apache\jsp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise\org\apache folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise\org folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\promise folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\manager folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost\host-manager folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina\localhost folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work\Catalina folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\work folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\lib\CVS folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\lib scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\v3HBASeries\util folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\v3HBASeries\feature folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\v3HBASeries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\utility\dbWrapper folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\utility folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\testMSeries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\subsystemComponents folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\repository folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\OEMCustomization folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\MSeries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf\managedbean\v3HBAManagedBean folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf\managedbean\util folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf\managedbean\model folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf\managedbean folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf\converter folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\jsf folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\HBAComponents\feature folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\HBAComponents folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\exceptions folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\eventCustomization folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\database\dao folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\database\base folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\database folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\constants folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\commonComponents folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\client folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\cimWebUtility\toCimom folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise\cimWebUtility folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com\promise folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes\com folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\classes folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\v3HBASeries\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\v3HBASeries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\mseries\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\mseries folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\js\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\js folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\inc\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\inc folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\treeImages\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\treeImages folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_traditionalChinese\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_traditionalChinese folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_spanish\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_spanish folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_simplifiedChinese\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_simplifiedChinese folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_russian\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_russian folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_korean\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_korean folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_japanese\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_japanese folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_italian\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_italian folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_german\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_german folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_french\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_french folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_english\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\image_english folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\enclosureImages\eClass\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\enclosureImages\eClass folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\enclosureImages\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\enclosureImages folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\images folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\html\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\html folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help\icons\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help\icons folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help\english\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help\english folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\help folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\errorPages\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\errorPages folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\debug\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\debug folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\database\CVS folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\database scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\css\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\css folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\conf\CVS folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\conf folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\temp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\shared\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\shared\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\shared folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\manager\WEB-INF\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\manager\WEB-INF folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\manager\images folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\manager folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\host-manager\WEB-INF\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\host-manager\WEB-INF folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\host-manager\images folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps\host-manager folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\webapps folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\lib scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\classes folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\logs scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\conf\Catalina\localhost folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\conf\Catalina folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\conf folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\lib scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\i18n scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\endorsed folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\classes folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server\tomcat scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\tftpboot folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp\test folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp\server folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp\mbean folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp\common folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp\client folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros\tftp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com\globalros folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver\com folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tftpserver folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\temp\isn certs folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\temp\cimom certs folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\temp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\jars folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Server scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\SystemV folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Pacific folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Indian folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Europe folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Etc folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Australia folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Atlantic folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Asia folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Antarctica folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\America\North_Dakota folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\America\Kentucky folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\America\Indiana folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\America\Argentina folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\America folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi\Africa folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\zi folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\security folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\management folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\javaws folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\images\cursors folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\images folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\im folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\i386 folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\fonts folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\jre\lib\ext scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\jre\lib\deploy folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\cmm folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\audio folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\applet folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\jre\lib scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\jre\bin\server folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\bin\client folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\bin folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\jre scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Agent\slp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PromiseTech\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PromiseTech\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PromiseTech\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PromiseTech folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_InterOp\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_InterOp\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_InterOp\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_InterOp folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_Internal\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_Internal\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_Internal\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#PG_Internal folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#cimv2\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#cimv2\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#cimv2\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root#cimv2 folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\logs folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\cgi\icons folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\cgi\htdocs folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\cgi\cgi-bin folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\cgi folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\bin scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO scheduled to be moved on reboot. ========== COMMANDS ========== File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temporary Internet Files folder emptied: 33109 bytes ->Flash cache emptied: 41 bytes User: Default User ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Emiliano Bona ->Temp folder emptied: 2073792 bytes ->Temporary Internet Files folder emptied: 1223700 bytes ->Java cache emptied: 60806015 bytes ->FireFox cache emptied: 34956427 bytes ->Google Chrome cache emptied: 819568 bytes ->Flash cache emptied: 2508 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 138410 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37446 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 328 bytes RecycleBin emptied: 4661718253 bytes Total Files Cleaned = 4'541.00 mb OTL by OldTimer - Version 3.2.5.0 log created on 05212010_225515 Files\Folders moved on Reboot... C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\WEB-INF folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise\database folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps\promise folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\webapps folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\server folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\logs folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common\i18n folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\common folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat\bin folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server\tomcat folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Server folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib\ext folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre\lib folder moved successfully. C:\Program Files (x86)\WebPAMPRO\jre folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\bin scheduled to be moved on reboot. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\qualifiers folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\instances folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root\classes folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository\root folder moved successfully. C:\Program Files (x86)\WebPAMPRO\Agent\repository folder moved successfully. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\logs scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\bin scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\logs scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent\bin scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO\Agent scheduled to be moved on reboot. Folder move failed. C:\Program Files (x86)\WebPAMPRO scheduled to be moved on reboot. File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot. File\Folder C:\Users\Emiliano Bona\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! File\Folder C:\Windows\temp\hsperfdata_EMILIANOBONA-PC$\3268 not found! File\Folder C:\Windows\temp\JETF43D.tmp not found! Registry entries deleted on Reboot... Weiterhin vielen Dank!! Emiliano |
|
23.05.2010, 20:23
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | filelist.bat und windows version Ok. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.05.2010, 15:13
| #15 |
| | filelist.bat und windows version Hallo Arne Ich werde die nächsten paar Tage abwesend sein, so dass ich den Scan erst am nächsten Wochenende wird ausführen können. Werde dann wieder posten. Besten Dank ! Emiliano |
|
| Themen zu filelist.bat und windows version |
| folge, folgendes, lösung, meldung, problem, supported, version, vista, windows |
Linear-Darstellung
