| HaraldHH | 07.07.2012 01:19 |
GVU Trojaner und jetzt?
Hallo zusammen,
jetzt hat es mich auch erwischt. Die Webseite von der "GVU" mit der Zahlungsaufforderung habe ich erhalten. Der Taskmanager spricht nicht mehr
an. Ich habe mit abgesicherten Modus gestartet und es geschafft, den McAfee-Scan zu starten. Der vollständig Scan hat folgende Meldung gebracht:
Viren/Trojaner und Cokkies isoliert. Generic Exploit!pzm GE39c72b-39b899223 C:\Users\Home2\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\6e39c72b-39b89923 wurd isoliert.
Leider hat diese Maßmahme nicht den erhofften Erfolg gebracht.
Anschließend habe ich mehrfach das Sytem mit und ohne F8 gestartet und auch tatsächlich geschafft, dasSystem aufrecht zu erhalten. So konnte ich OLT + Anti-Malware laufen lassen.
Systen: Windows 7, 64 Bit, Anitivirs: McAfee
Nachfolgend die Malwareergebnisse:
Spyware.Zbot.DG File
Spyware.Zbot.DG Memory Module Code:
OTL logfile created on: 06.07.2012 22:48:13 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Home2\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 4,11 Gb Available Physical Memory | 68,58% Memory free
11,98 Gb Paging File | 9,37 Gb Available in Paging File | 78,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387,07 Gb Total Space | 1288,85 Gb Free Space | 92,92% Space Free | Partition Type: NTFS
Drive D: | 200,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive J: | 465,76 Gb Total Space | 81,64 Gb Free Space | 17,53% Space Free | Partition Type: NTFS
Computer Name: HOME2-PC | User Name: Home2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Home2\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - c:\xampp\mysql\bin\mysqld.exe ()
PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
PRC - C:\Program Files (x86)\Duden\Duden-Bibliothek\dudenbib.exe (Bibliographisches Institut GmbH)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch Frühjahr 2010\kstart32.EXE (telegate MEDIA AG)
PRC - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Program Files (x86)\Nuance\PDF Create! 6\PdfCreate6Hook.exe (Nuance Communications, Inc.)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe ()
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
PRC - C:\Program Files (x86)\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
========== Modules (No Company Name) ==========
MOD - C:\Users\Home2\AppData\Local\Temp\glom0_og.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Program Files (x86)\Duden\Duden Korrektor\MBControls.dll ()
MOD - c:\Programme\McAfee\MSK\mskapbho.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll ()
MOD - C:\program files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll ()
MOD - C:\Windows\SysWOW64\CTXFIGER.DLL ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe ()
MOD - C:\Windows\SysWOW64\HLINKPRX.DLL ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (mysql) -- c:\xampp\mysql\bin\mysqld.exe ()
SRV - (Apache2.2) -- c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (RoxMediaDB10) -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (RoxLiveShare) -- C:\Program Files (x86)\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe (Sonic Solutions)
SRV - (RoxMediaDB) -- C:\Program Files (x86)\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe (Sonic Solutions)
SRV - (RoxWatch) -- C:\Program Files (x86)\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe (Sonic Solutions)
SRV - (RoxUPnPRenderer) -- C:\Program Files (x86)\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe (Sonic Solutions)
SRV - (RoxUpnpServer) -- C:\Program Files (x86)\Roxio\Digital Home 8\RoxUpnpServer.exe (Sonic Solutions)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273) -- C:\Windows\SysNative\drivers\tdrpm273.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ha20x22k) -- C:\Windows\SysNative\drivers\ha20x22k.sys (Creative Technology Ltd)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcuxd) -- C:\Windows\SysNative\drivers\vpcuxd.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RxFilter) -- C:\Windows\SysNative\drivers\RxFilter.sys (Sonic Solutions)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (DFUBTUSB) -- C:\Windows\SysNative\drivers\frmupgr.sys (Broadcom Corporation.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (RxFilter) -- C:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0D373E36-5D79-49FA-A10D-145F98B0AE6C}
IE:64bit: - HKLM\..\SearchScopes\{0D373E36-5D79-49FA-A10D-145F98B0AE6C}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{51349ADB-FB3D-47C7-B6BA-C5307B322DC5}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856415
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&AF=10588
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2856415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.95.20100933
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2b
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=adbartrp&mntrId=34908e13000000000000904ce5303a63&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Home2\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Home2\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Home2\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.07.02 10:42:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.30 19:25:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.30 19:25:25 | 000,000,000 | ---D | M]
[2010.03.15 22:57:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home2\AppData\Roaming\mozilla\Extensions
[2012.04.12 16:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions
[2011.06.19 18:01:22 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2012.02.10 13:44:27 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions\ffxtlbr@babylon.com
[2011.06.25 23:10:28 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions\firebug@software.joehewitt.com
[2011.01.29 15:41:31 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions\ietab@ip.cn
[2012.02.10 13:32:34 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Home2\AppData\Roaming\mozilla\Firefox\Profiles\hsp7vlg4.default\extensions\plugin@yontoo.com
[2012.06.30 19:25:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.05.31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.03.01 13:16:57 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.10 13:44:26 | 000,002,275 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_def&mntrId=34908e13000000000000904ce5303a63
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Home2\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Home2\AppData\Local\Google\Chrome\Application\18.0.1025.168\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Home2\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Home2\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Users\Home2\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google-Suche = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Yontoo = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.1_0\
CHR - Extension: Yontoo = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Google Mail = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Google Mail = C:\Users\Home2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120626234901.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf_.dll (Conduit Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120701162754.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ZeonIEEventHelper Class) - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Elf 1 Toolbar) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - C:\Program Files (x86)\Elf_1\prxtbElf_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Elf 1 Toolbar) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - C:\Program Files (x86)\Elf_1\prxtbElf_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Nuance PDF Create! 6-reminder] C:\Program Files (x86)\Nuance\PDF Create! 6\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF6 Registry Controller] C:\Program Files (x86)\Nuance\PDF Create! 6\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Create! 6\pdfcreate6hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden Korrektor\DKtray.exe (Expert System S.p.A.)
O4 - HKCU..\Run: [PixelPlanet PdfPrinter-Monitor] "C:\Program Files (x86)\PixelPlanet\PdfPrinter 6\PdfPrinterMonitor.exe" File not found
O4:64bit: - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe ()
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Home2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch Frühjahr 2010 - Schnellstarter.lnk = C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch Frühjahr 2010\kstart32.EXE (telegate MEDIA AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: PDF-Datei erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8:64bit: - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Datei erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - C:\Program Files (x86)\Nuance\PDF Create! 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dyndns.org ([sanktpetri] https in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553530000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4AFDC60-62B8-4548-82F2-72B1ED4E05B8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DFFDD980-D70A-4713-A74F-9AB14F97CAA6}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{605960f1-f2c9-11de-9c04-002564e9a1b5}\Shell - "" = AutoRun
O33 - MountPoints2\{605960f1-f2c9-11de-9c04-002564e9a1b5}\Shell\AutoRun\command - "" = I:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.06 22:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.06.30 19:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.06.30 19:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.30 19:12:51 | 000,000,000 | ---D | C] -- C:\Users\Home2\AppData\Local\Macromedia
[2012.06.25 18:41:04 | 000,000,000 | ---D | C] -- C:\TEMP
[2012.06.24 17:44:03 | 000,000,000 | ---D | C] -- C:\Users\Home2\Documents\HMSP2013
[2012.06.23 12:17:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.23 12:17:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.23 12:17:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.23 12:16:30 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.23 12:16:30 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.23 12:16:30 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.23 12:16:03 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.23 12:16:03 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.14 00:29:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.14 00:29:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.14 00:29:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.14 00:29:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.14 00:29:26 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.14 00:29:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.14 00:29:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.14 00:29:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.14 00:29:23 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.14 00:29:23 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.14 00:29:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.14 00:29:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.14 00:29:22 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 18:17:17 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 18:17:08 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 18:17:06 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 18:17:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 18:17:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 18:17:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 18:16:45 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 18:16:36 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 18:16:31 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.12 15:41:55 | 000,000,000 | ---D | C] -- C:\Buch
[2012.06.08 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Home2\Documents\Access2010_BHV
[2010.01.05 18:12:58 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Home2\AppData\Roaming\DataSafeDotNet.exe
[3 C:\Users\Home2\Documents\*.tmp files -> C:\Users\Home2\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.06 22:56:46 | 004,503,728 | ---- | M] () -- C:\ProgramData\go_0molg.pad
[2012.07.06 22:51:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2855445283-1414569937-4144548128-1003UA.job
[2012.07.06 22:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.06 22:48:12 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.06 22:48:12 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.06 22:43:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.06 22:40:49 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.06 22:40:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.06 22:40:28 | 529,883,135 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.06 19:58:35 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012.07.06 19:58:35 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012.07.06 19:58:35 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012.07.06 16:22:54 | 000,001,887 | ---- | M] () -- C:\Users\Home2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.06 09:51:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2855445283-1414569937-4144548128-1003Core.job
[2012.07.04 18:28:36 | 004,378,624 | ---- | M] () -- C:\Users\Home2\Documents\Nordwind3.accdb
[2012.07.03 18:32:11 | 001,800,940 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.03 18:32:11 | 000,770,342 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.03 18:32:11 | 000,711,756 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.03 18:32:11 | 000,178,750 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.03 18:32:11 | 000,144,700 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.30 19:25:34 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.30 18:55:00 | 000,002,405 | ---- | M] () -- C:\Users\Home2\Desktop\Google Chrome.lnk
[2012.06.30 15:57:35 | 004,304,896 | ---- | M] () -- C:\Users\Home2\Documents\Northwind 2007.accdb
[2012.06.30 15:56:27 | 002,752,512 | ---- | M] () -- C:\Users\Home2\Documents\Marketingprojekte.accdb
[2012.06.30 15:54:52 | 004,161,536 | ---- | M] () -- C:\Users\Home2\Documents\Gemeinnützige Spenden-Webdatenbank.accdb
[2012.06.30 15:54:33 | 003,305,472 | ---- | M] () -- C:\Users\Home2\Documents\Gemeinnützige Spenden.accdb
[2012.06.30 14:39:23 | 000,925,696 | ---- | M] () -- C:\Users\Home2\Documents\Institut.accdb
[2012.06.30 14:37:18 | 002,564,096 | ---- | M] () -- C:\Users\Home2\Documents\Projekte.accdb
[2012.06.30 14:36:39 | 001,642,496 | ---- | M] () -- C:\Users\Home2\Documents\Probleme2.accdb
[2012.06.30 14:13:58 | 001,191,936 | ---- | M] () -- C:\Users\Home2\Documents\Aufgaben3.accdb
[2012.06.30 14:10:29 | 004,403,200 | ---- | M] () -- C:\Users\Home2\Documents\Nordwind2.accdb
[2012.06.25 19:09:08 | 000,001,804 | ---- | M] () -- C:\Users\Home2\Desktop\Adressdatenverwaltung2010.accdb - Verknüpfung.lnk
[2012.06.23 21:51:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.23 21:51:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.23 15:20:44 | 000,770,048 | ---- | M] () -- C:\Users\Home2\Documents\CreaKombi.accdb
[2012.06.21 17:45:27 | 001,581,056 | ---- | M] () -- C:\Users\Home2\Documents\Kontakte2.accdb
[2012.06.18 17:55:52 | 000,897,024 | ---- | M] () -- C:\Users\Home2\Documents\Lieferantensuche97-2.accdb
[2012.06.18 16:54:54 | 000,692,224 | ---- | M] () -- C:\Users\Home2\Documents\CreaKombi2.accdb
[2012.06.16 21:31:53 | 000,442,368 | ---- | M] () -- C:\Users\Home2\Documents\Benutzerverwaltung97.accdb
[2012.06.16 19:20:50 | 000,688,128 | ---- | M] () -- C:\Users\Home2\Documents\CreaKombi1.accdb
[2012.06.16 18:48:26 | 000,212,992 | ---- | M] () -- C:\Users\Home2\Documents\OptTest.mdb
[2012.06.14 14:22:30 | 000,482,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 14:48:22 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.06.08 11:27:42 | 002,760,704 | ---- | M] () -- C:\Users\Home2\Documents\Database2.accdb
[2012.06.08 11:22:28 | 002,830,336 | ---- | M] () -- C:\Users\Home2\Documents\Gemeinnützige Spenden4.accdb
[3 C:\Users\Home2\Documents\*.tmp files -> C:\Users\Home2\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.06 16:22:54 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.07.06 16:22:54 | 000,001,887 | ---- | C] () -- C:\Users\Home2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.07.04 18:26:17 | 004,378,624 | ---- | C] () -- C:\Users\Home2\Documents\Nordwind3.accdb
[2012.06.30 19:25:34 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.30 14:38:41 | 000,925,696 | ---- | C] () -- C:\Users\Home2\Documents\Institut.accdb
[2012.06.30 14:36:52 | 002,564,096 | ---- | C] () -- C:\Users\Home2\Documents\Projekte.accdb
[2012.06.30 14:31:15 | 001,642,496 | ---- | C] () -- C:\Users\Home2\Documents\Probleme2.accdb
[2012.06.30 14:10:48 | 001,191,936 | ---- | C] () -- C:\Users\Home2\Documents\Aufgaben3.accdb
[2012.06.30 14:00:49 | 004,403,200 | ---- | C] () -- C:\Users\Home2\Documents\Nordwind2.accdb
[2012.06.25 19:06:31 | 000,001,804 | ---- | C] () -- C:\Users\Home2\Desktop\Adressdatenverwaltung2010.accdb - Verknüpfung.lnk
[2012.06.21 17:44:12 | 001,581,056 | ---- | C] () -- C:\Users\Home2\Documents\Kontakte2.accdb
[2012.06.18 17:50:32 | 000,897,024 | ---- | C] () -- C:\Users\Home2\Documents\Lieferantensuche97-2.accdb
[2012.06.18 16:54:03 | 000,692,224 | ---- | C] () -- C:\Users\Home2\Documents\CreaKombi2.accdb
[2012.06.16 19:20:10 | 000,688,128 | ---- | C] () -- C:\Users\Home2\Documents\CreaKombi1.accdb
[2012.06.10 12:58:23 | 000,770,048 | ---- | C] () -- C:\Users\Home2\Documents\CreaKombi.accdb
[2012.06.08 11:23:40 | 002,760,704 | ---- | C] () -- C:\Users\Home2\Documents\Database2.accdb
[2012.06.08 11:22:47 | 002,752,512 | ---- | C] () -- C:\Users\Home2\Documents\Marketingprojekte.accdb
[2012.06.08 11:21:29 | 002,830,336 | ---- | C] () -- C:\Users\Home2\Documents\Gemeinnützige Spenden4.accdb
[2012.04.18 23:07:46 | 000,003,584 | ---- | C] () -- C:\Users\Home2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.19 14:21:58 | 000,008,192 | ---- | C] () -- C:\Users\Home2\AppData\Roaming\DMX.bmk
[2011.11.19 14:20:03 | 000,000,093 | ---- | C] () -- C:\Users\Home2\AppData\Local\fusioncache.dat
[2011.10.21 18:16:54 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\Wrkgadm.exe
[2011.01.13 17:13:23 | 000,009,097 | ---- | C] () -- C:\Windows\DirPrintOK.ini
[2010.10.20 11:44:08 | 000,446,464 | ---- | C] () -- C:\Windows\SysWow64\Tx32.dll
[2010.10.20 11:44:08 | 000,000,151 | ---- | C] () -- C:\Windows\SysWow64\ic32.ini
[2010.09.15 11:49:28 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.08.21 14:59:46 | 000,002,585 | ---- | C] () -- C:\Windows\Uileitz.INI
[2010.08.21 13:35:33 | 000,000,302 | ---- | C] () -- C:\Windows\lpp32.ini
[2010.08.21 13:25:13 | 000,000,051 | ---- | C] () -- C:\Windows\NetEasyPrint_Server_Demo.ini
[2010.08.21 13:25:10 | 000,058,910 | ---- | C] () -- C:\Windows\uinst32etzsd.ini
[2010.08.21 13:25:02 | 000,000,030 | ---- | C] () -- C:\Windows\m_s.ini
[2010.08.12 22:14:11 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.04.06 00:06:06 | 000,007,666 | ---- | C] () -- C:\Users\Home2\AppData\Local\Resmon.ResmonCfg
[2010.03.24 12:29:32 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.01.15 23:06:41 | 000,000,760 | ---- | C] () -- C:\Users\Home2\AppData\Roaming\setup_ldm.iss
========== LOP Check ==========
[2011.05.18 12:27:09 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\0126897F-D2F4-4FFA-BCDE-A9183300CB3D
[2011.01.27 13:09:47 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\67ED2350-3659-4781-8F9E-EC74F2D6811F
[2011.09.25 10:49:21 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\938AE64A-0A39-4E80-A227-70A147B42D15
[2010.09.18 17:42:05 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\AC9AC5A4-6092-4A4A-8831-837180105E05
[2011.09.25 11:00:16 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Acronis
[2011.11.10 19:58:28 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\AquaSoft
[2010.06.03 10:58:11 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Avery
[2010.08.13 13:14:25 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\CAD-KAS
[2012.01.28 17:40:26 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Canon
[2010.10.31 18:30:17 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Duden
[2012.02.10 13:35:36 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\IrfanView
[2010.03.12 19:25:35 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\klickTel
[2010.01.15 23:06:47 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Leadertech
[2012.02.24 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\LogoMaker
[2010.06.29 08:19:10 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Nuance
[2011.01.31 16:07:40 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Opera
[2010.05.30 16:59:55 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\PixelPlanet
[2010.10.20 12:07:58 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\ProtectDisc
[2010.07.16 19:32:13 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Sigel
[2012.05.31 14:13:43 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\SmartTools
[2010.03.25 19:47:45 | 000,000,000 | ---D | M] -- C:\Users\Home2\AppData\Roaming\Zeon
[2012.06.26 21:16:31 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Word-Privat:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\WebProf:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Test-Datenbanken:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Spenderessen2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Seminare_2Halbjahr2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Seminare_20062011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Privat:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Petri-Zuwendungsverwaltung:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\PdfGrabber:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\PDF-Favoriten:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\PDF_Dokumente:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Outlook-Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\OneNote-Notizbücher:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\ÖffentlichSeminare2010_Temporär:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\ÖffentlicheSeminare2012:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\ÖffentlicheSeminare2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\ÖffentlicheSeminare2010_alt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\ÖffentlicheSeminare2010:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Meine Websites:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\LogoMaker:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Klub Q:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HmspZusammenstellungaus2010_2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HMSP2013:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HMSP2012_2HJ:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Hmsp2012_03112011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HMSP2012:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Hmsp2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Hmsp_Sept2010:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Hmsp_Herbst2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Helferdatei:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HD-BSZ_21062011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HD-BSZ_12082011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HD-BSZ_11012011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\HD-BSZ:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\FlyerSeminar2012:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Entwurf_Jahresbericht:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\EinstiegCSS:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Eigene Datenquellen:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\diashow1.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\diashow.mpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Desktopablegen:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\CSS_Website:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\css_pur:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ-WORD:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ-Statistik:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ-Logos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ-Fahrtkosten:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ-Fachberatung:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ_Website_Bilder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ_Veranstaltungen:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ_Umstellung2010:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ_EXCEL:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\BSZ:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Bildungsspender:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\belkin:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Ausstellung-Zuhoeren-St-Petri-e-mail.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\AccessBasics:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_VBA:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_Trainingsbuch:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_Programmierung:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_Kulpa:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_DB_entwickeln:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_BHV:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\Access2010_Basis:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\2011:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Home2\Documents\01022012:Roxio EMC Stream
@Alternate Data Stream - 240 bytes -> C:\ProgramData\TEMP:07C8C7C8
< End of report >
Code:
OTL Extras logfile created on: 07.07.2012 00:28:26 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Home2\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,99 Gb Total Physical Memory | 4,21 Gb Available Physical Memory | 70,24% Memory free
11,98 Gb Paging File | 9,10 Gb Available in Paging File | 75,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1387,07 Gb Total Space | 1288,83 Gb Free Space | 92,92% Space Free | Partition Type: NTFS
Drive J: | 465,76 Gb Total Space | 81,64 Gb Free Space | 17,53% Space Free | Partition Type: NTFS
Computer Name: HOME2-PC | User Name: Home2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E7FFFF-727F-4BFA-8B15-4C26CC8F1F8C}" = lport=139 | protocol=6 | dir=in | app=system |
"{08496CAE-732A-4CAA-A691-866B52C293A0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0EA52B19-2726-4B75-B653-D436B5ED08ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27500981-4395-4BF8-9E90-952F7324C059}" = lport=445 | protocol=6 | dir=in | app=system |
"{29A2ADF8-CD71-4FD7-8DE9-8F4C0A5E2ABF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3270D079-E467-4620-9D07-D43C7FB87299}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E0830F9-AD53-4A6B-AF53-0AE41DE0C876}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5ACEC3C6-DAF4-4234-883F-C1C394FEC0C8}" = rport=445 | protocol=6 | dir=out | app=system |
"{7C953E1D-09B5-4704-8C3B-2FF4A75F85FD}" = rport=138 | protocol=17 | dir=out | app=system |
"{8491CF4E-8392-4125-BDFB-B480109BB374}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8B6021CB-FC82-40D8-889F-F2D0AC277750}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95A918D2-537C-410E-9219-0DD90D2EDC75}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{9737F082-F2CE-4651-A84D-346D954FFF42}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9EEAD624-F5FB-46AF-BCD5-F3121A61713D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A5207D60-30E5-4EB6-84A0-C15947ACCBAF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BB3C72DF-7CEA-4B5F-B911-8DBFBADCF21D}" = lport=138 | protocol=17 | dir=in | app=system |
"{BC914EA2-DE50-4C49-8C17-AA5CA3C2EE19}" = rport=139 | protocol=6 | dir=out | app=system |
"{C2944231-CCCB-4143-862C-745F0401E9D9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C2BCD2BF-D30B-4A39-8368-E4239CFB227D}" = rport=137 | protocol=17 | dir=out | app=system |
"{CA9F267E-20C7-4284-95CC-45121A57A6EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D16A9DFC-F0A8-468E-9AF7-D0495ED2D9DE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DA3615C0-7A5A-4FA6-ABE6-F3E40A533748}" = lport=137 | protocol=17 | dir=in | app=system |
"{DACBA6BB-EFF8-4B7D-83F4-7EB5BD54CB57}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EA91099A-555E-421D-B4CF-303BFF5DF77B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1ADBA44-3595-4190-B683-324E5E61931A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7989AED-6CA6-4110-9635-F112CCA300C8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEC70EA4-F29B-4924-99B7-E57859E4BEC1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A15342-742E-4B20-A1DB-D01241C815F2}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{0EC4EFFF-7AF7-4038-A9C2-F6D238E9437F}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{0FBAC44C-3F72-4913-85E6-9A39DB30DFCC}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\digital home 8\roxupnpserver.exe |
"{17C35E02-FF5F-4887-A435-364F4F8B56C2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1E9360B9-E6FB-4ABC-9924-7065409FB5D7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21EBA9E1-52F2-4494-831A-02C24B560135}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{23F29A2D-79C9-40F8-BF41-6A2B8D853ADF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{23F6AA5E-A0E6-46CB-8D6F-4E6911548A2C}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 8.0\app\starmoney.exe |
"{27FE0DC4-1E19-4D20-9EA9-D509F64509FD}" = protocol=6 | dir=out | app=system |
"{30DAB7CF-DC65-46EF-839F-B8D10BE1390E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{31E2492F-A5F8-4258-9892-65314B113E34}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{331F90C1-9704-43BC-9177-0EA3C855F456}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{3749C3EE-F20D-4C9F-AE91-34530E9A45EB}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 7.0\app\starmoney.exe |
"{405A49D2-5603-4E8C-A5C7-B06F69B413A8}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{41D8664A-8545-411A-A4E4-603C5C267F71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{429BE60A-347F-45BA-B750-72FD8ABA6A4D}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\digital home 8\roxupnpserver.exe |
"{498E14AB-D9E0-43BD-B2A7-65F3A568B0DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4A26878C-2DAE-49DC-A2BF-52A277F043E9}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 7.0\app\starmoney.exe |
"{4F401F38-A2AB-4345-B3DD-0B33214DD3C7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{517B0BAB-7371-4225-B58F-9242C990981E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54165524-05E6-403E-BF40-C8CB59C86B32}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{54EE6E2E-032D-4EA8-AE38-67FF7D19B3CA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5599FDCD-C045-4B11-89EE-BD12ACBEE4CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{595FC0BB-5F03-4CE5-A68E-36C6219084E9}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{671A2183-8029-4A48-9CAF-FF042FFFF11B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6AB7CC49-7480-42C4-BEFF-FAE7C6211B85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75A232A5-C4F9-45AB-832E-A8A84E63DE43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7F44DEF8-953C-466F-B24F-94DDE3C4B93A}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 7.0\ouservice\starmoneyonlineupdate.exe |
"{81F02F20-8F76-4B90-A490-F09F0B55922B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90903269-1931-4CD9-B129-1AB6AA2D8EC6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{945845C6-6FA3-4C95-99A7-6E472DBB6043}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{94C4570B-E6D7-4ADA-832C-720A217ACF5F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B5A7DD1C-ED4A-44A4-B738-FB17070BDD99}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 8.0\app\starmoney.exe |
"{B73E351A-4DB5-4FA9-A44C-5A77C9933E62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B81A2694-EB74-4A7A-BF5C-A978E5D4EF73}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C09D74ED-9DB4-4A76-AE98-54F3C5FD992E}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{C25AB976-782A-4C88-81E6-C4AD172F8048}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D5EC8AB9-8601-4F4B-8B09-DB9392D11643}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF08BB4F-15A1-4557-87A8-775A6B6D9ABB}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{F0A8A588-8999-43A9-ACFE-90CA46541B1F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBB1FF65-359D-401B-8619-3AF193D8F8DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9035EEAC-E957-467C-89F7-90C48AA26331}" = Nuance PDF Create! 6
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F0E3D5-D6C8-4997-BB42-7F5784C8586B}" = Roxio Creator 8.2 XE
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Create
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{20288888-A7AF-4B24-8AEB-398D20CD563C}" = Sound Blaster X-Fi
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2B10F0FA-2BCB-4B08-96FB-BD0788B16564}" = klickTel Telefon- und Branchenbuch Frühjahr 2010
"{2E8ECB58-EE3A-452C-B57E-1B982735F0F2}" = Duden Korrektor PLUS
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FF8E8A7-5BA8-4D9E-B976-B05B2B00B0AE}" = Microsoft Expression Web 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D26B533-269B-4C01-B59E-80A6864824A5}" = Microsoft Expression Encoder 4
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5C81B189-5456-40C4-9313-7FE6FA6DD64C}" = Duden-Bibliothek
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{660B9447-5F6A-463E-B2D5-F2EEF9C3EE15}" = Microsoft Access 2010 Interactive Guide DEU
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{837E620D-B93E-4D84-A753-BE1DBEB716B1}" = StarMoney
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86F4B795-EA3D-48BD-ADFA-DA44B39059F9}" = StarMoney
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4C0D1E-40F9-48DF-A8ED-AC7E60A5DDCA}" = StarMoney 7.0
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FD0F94D-4594-48A0-BE99-5265367603D8}" = Microsoft Expression Design 4
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"{9FFC4C2D-374D-482B-AA58-67282CE23695}" = AquaSoft DiaShow 7 Premium
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Intel(R) Programm für die Prozessorerkennung
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F21D2032-60FE-4729-9C87-46F1615FB965}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{FD66E9A0-54C8-4F01-B5C7-9EF9716541AE}" = StarMoney 8.0
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Advanced PDF-to-Word 1.0" = Advanced PDF-to-Word 1.0
"AquaSoft DiaShow 7 Premium" = AquaSoft DiaShow 7 Premium
"AudioCS" = Creative Audio-Systemsteuerung
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"BabylonToolbar" = Babylon toolbar on IE
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"conduitEngine" = Conduit Engine
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Design_7.0.20516.0" = Microsoft Expression Design 4
"DirPrintOK" = DirPrintOK
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Elf_1 Toolbar" = Elf 1 Toolbar
"Encoder_4.0.1651.0" = Microsoft Expression Encoder 4
"GPL Ghostscript 9.05" = GPL Ghostscript
"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"IrfanView" = IrfanView (remove only)
"LogoMaker_is1" = LogoMaker 4.0
"Microsoft Access 2002 VBA SFS-Übungsdateien" = Microsoft Access 2002 VBA SFS-Übungsdateien
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSC" = McAfee SecurityCenter
"Office14.SingleImage" = Microsoft Office Professional 2010
"OpenAL" = OpenAL
"Opera 11.51.1087" = Opera 11.51
"PDF Editor 3" = PDF Editor 3
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"SmartToolsBooklet-Assistentv3.00" = SmartTools Publishing • Word Booklet-Assistent
"SmartToolsClassic Menü 2010, 2007v1.50" = SmartTools Publishing • Word Classic Menü 2010, 2007
"SmartToolsGlobale Suchev1.50" = SmartTools Publishing • Access Globale Suche
"SmartToolsJahresplanv2.00" = SmartTools Publishing • Excel Jahresplan
"SmartToolsSecurity Managerv1.00" = SmartTools Publishing • Access Security Manager
"SmartToolsSerienmailerv2.02" = SmartTools Publishing • Word Serienmailer
"SmartToolsZahl in Wortenv2.50" = SmartTools Publishing • Access Zahl in Worten
"Techinfo Doppelte Datensätze" = Techinfo Doppelte Datensätze
"TSPCzwei" = TSPCzwei
"Web_4.0.1303.0" = Microsoft Expression Web 4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xampp" = XAMPP 1.7.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Access Berater Suchen-AddIn" = Access Berater Suchen-AddIn
"Access_aktuell · Beispieldatenbank 'Mehrfachauswahl' (FFC)" = Access_aktuell · Beispieldatenbank 'Mehrfachauswahl' (FFC)
"Access_aktuell · Beispieldatenbank 'Word Office Automation' (FCB)" = Access_aktuell · Beispieldatenbank 'Word Office Automation' (FCB)
"Google Chrome" = Google Chrome
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.07.2012 11:58:39 | Computer Name = Home2-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 9.0.8112.16446,
Zeitstempel: 0x4fb57c8f Name des fehlerhaften Moduls: YontooIEClient.dll, Version:
1.10.1.0, Zeitstempel: 0x4ee16049 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001e37b
ID
des fehlerhaften Prozesses: 0x1b74 Startzeit der fehlerhaften Anwendung: 0x01cd5934b40cb8ca
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Yontoo\YontooIEClient.dll Berichtskennung:
f3c9b527-c527-11e1-994f-002564e9a1b5
Error - 03.07.2012 13:59:56 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 03.07.2012 14:01:59 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 04.07.2012 03:31:34 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 04.07.2012 03:36:32 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 05.07.2012 03:43:16 | Computer Name = Home2-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16446,
Zeitstempel: 0x4fb57c8f Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x77b31264 ID des fehlerhaften
Prozesses: 0x1ad0 Startzeit der fehlerhaften Anwendung: 0x01cd5a81d4f0c6b0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 14694962-c675-11e1-9cc9-002564e9a1b5
Error - 05.07.2012 07:24:43 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 05.07.2012 07:29:10 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 06.07.2012 05:50:43 | Computer Name = Home2-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden Korrektor\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei
"C:\Program Files (x86)\Duden\Duden Korrektor\adxloader.dll.Manifest" in Zeile
2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 06.07.2012 05:57:18 | Computer Name = Home2-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16446,
Zeitstempel: 0x4fb57c8f Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc00000fd Fehleroffset: 0x74ede2d4 ID des fehlerhaften
Prozesses: 0x4bc Startzeit der fehlerhaften Anwendung: 0x01cd5b5db93d03ba Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: f811df3e-c750-11e1-9129-002564e9a1b5
[ Broadcom Wireless LAN Events ]
Error - 28.04.2012 03:12:52 | Computer Name = Home2-PC | Source = WLAN-Tray | ID = 0
Description = 09:12:48, Sat, Apr 28, 12 Error - Unable to gain access to user store
Error - 30.04.2012 12:09:29 | Computer Name = Home2-PC | Source = WLAN-Tray | ID = 0
Description = 18:09:27, Mon, Apr 30, 12 Error - Unable to gain access to user store
Error - 01.05.2012 02:41:05 | Computer Name = Home2-PC | Source = WLAN-Tray | ID = 0
Description = 08:41:05, Tue, May 01, 12 Error - Unable to gain access to user store
Error - 09.06.2012 07:34:05 | Computer Name = Home2-PC | Source = WLAN-Tray | ID = 0
Description = 13:34:05, Sat, Jun 09, 12 Error - Unable to gain access to user store
Error - 12.06.2012 02:34:52 | Computer Name = Home2-PC | Source = WLAN-Tray | ID = 0
Description = 08:34:48, Tue, Jun 12, 12 Error - Unable to gain access to user store
[ Media Center Events ]
Error - 02.01.2012 08:11:45 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 13:11:44 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 08:11:49 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 13:11:45 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 14:18:48 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 19:18:48 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 14:18:50 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 19:18:49 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 14:18:51 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 19:18:51 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 14:18:55 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 19:18:52 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 15:22:10 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 20:22:10 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 15:22:11 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 20:22:11 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 15:22:12 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 20:22:12 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 02.01.2012 15:22:14 | Computer Name = Home2-PC | Source = MCUpdate | ID = 0
Description = 20:22:13 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
[ System Events ]
Error - 06.07.2012 15:39:11 | Computer Name = Home2-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.07.2012 15:40:03 | Computer Name = Home2-PC | Source = DCOM | ID = 10005
Description =
Error - 06.07.2012 15:40:38 | Computer Name = Home2-PC | Source = DCOM | ID = 10005
Description =
Error - 06.07.2012 15:41:09 | Computer Name = Home2-PC | Source = DCOM | ID = 10005
Description =
Error - 06.07.2012 15:44:06 | Computer Name = Home2-PC | Source = DCOM | ID = 10005
Description =
Error - 06.07.2012 15:47:01 | Computer Name = Home2-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.07.2012 16:19:01 | Computer Name = Home2-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 06.07.2012 16:40:43 | Computer Name = Home2-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SessionLauncher" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 06.07.2012 16:41:08 | Computer Name = Home2-PC | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 06.07.2012 16:41:08 | Computer Name = Home2-PC | Source = VDS Basic Provider | ID = 33554433
Description =
< End of report >
Ich bin nun nicht der Systemspezialist und möchte daher nicht Dinge tun, die sich im nachhinein als falsch herausstellen.
Deshalb bin ich sehr dankbar, wenn ich hier Hilfe erfahren könnte.
Vielen Dank und Grüße
Harald |
