| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Betriebssystem blockiert-50€ Strafe Kritische Grenze Bitte um eure Hilfe Danke :)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.01.2012, 13:46
| #1 |
| |  Windows Betriebssystem blockiert-50€ Strafe Kritische Grenze Bitte um eure Hilfe Danke :) Hej Hej, liebe Freunde! Ich bin auch Opfer des bekannten 50€ Viruses mit folgender Meldung und Sperrung des Betriebssystems geworden: Durch das Besuchen von Seiten mit infizierten und pornografischen Inhalten ist das Computersystem an eine kritische Grenze getreten, nach der das System zusammenbrechen und die ganzen Dateien verloren gehen können. Um das System wiederherstellen zu können, müssen Sie ein zusätzliches Sicherheitsuptade herunterladen. Dieses Update ist ein kostenpflichtiges upgrade für besonders infizierte Windowssysteme. Es beschützt das System vollständig von Virus und Schadprogrammen, stabilisiert Ihr Computersystem und verhindert den Datenverlust Ich war schonmal so frei und haben den Quickscan dper Oldtimer gemacht hier die Daten: 1: Otl txt. OTL logfile created on: 22.01.2012 13:24:21 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Seppel\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 80,02% Memory free 4,00 Gb Paging File | 3,62 Gb Available in Paging File | 90,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 1,47 Gb Free Space | 1,97% Space Free | Partition Type: NTFS Drive D: | 67,69 Gb Total Space | 64,49 Gb Free Space | 95,28% Space Free | Partition Type: NTFS Drive J: | 3,73 Gb Total Space | 0,00 Gb Free Space | 0,13% Space Free | Partition Type: FAT32 Computer Name: SEPPEL´S-PC | User Name: Seppel | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.22 13:20:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Seppel\Downloads\OTL.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ========== Win32 Services (SafeList) ========== SRV - [2011.12.14 12:23:32 | 001,514,304 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.07.02 15:17:36 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011.06.07 09:07:29 | 002,978,720 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2011.04.27 17:25:11 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.02.11 04:34:22 | 000,664,944 | ---- | M] (Juniper Networks) [Auto | Stopped] -- C:\Programme\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService) SRV - [2011.01.12 10:48:49 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.09.06 17:56:38 | 000,247,096 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009.09.11 11:33:54 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService) SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV - [2011.12.12 19:31:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.07.02 15:17:46 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.02 15:17:46 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.02.20 20:30:06 | 000,073,728 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.09.15 20:15:20 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010.09.05 11:25:22 | 000,041,928 | ---- | M] (Emsi Software GmbH) [File_System | System | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2dix86.sys -- (a2injectiondriver) DRV - [2010.05.05 08:40:32 | 000,011,776 | ---- | M] (Emsi Software GmbH) [Kernel | System | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2util32.sys -- (a2util) DRV - [2010.04.10 19:47:32 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt) DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2009.07.13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009.06.29 16:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2009.06.29 16:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake) DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.04.09 12:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.10.09 12:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM) DRV - [2007.07.31 02:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2007.05.25 10:15:16 | 001,743,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AD 53 27 08 B1 C7 CA 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Seppel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: QipCounter@qip.ru:1.0 FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101 FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010.10.27 10:51:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.06.25 10:59:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.26 16:12:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.26 16:12:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2011.12.26 16:12:52 | 000,000,000 | ---D | M] [2010.03.19 23:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seppel\AppData\Roaming\mozilla\Extensions [2012.01.10 00:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions [2010.07.19 12:37:42 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89} [2012.01.05 16:08:03 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.01.09 10:23:47 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.08.28 00:52:45 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.13 13:50:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.06.09 09:18:05 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2011.06.01 18:33:16 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\DTToolbar@toolbarnet.com [2010.07.19 12:37:57 | 000,000,000 | ---D | M] ("QipCounter") -- C:\Users\Seppel\AppData\Roaming\mozilla\Firefox\Profiles\xkffezr1.default\extensions\QipCounter@qip.ru [2010.05.06 18:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seppel\AppData\Roaming\mozilla\Sunbird\Profiles\9kubrrtv.default\extensions [2010.06.10 11:36:13 | 000,000,873 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\conduit.xml [2010.09.15 20:16:00 | 000,002,059 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\daemon-search.xml [2012.01.09 22:07:36 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-1.xml [2011.03.19 16:47:04 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-10.xml [2011.03.21 18:35:49 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-11.xml [2011.04.13 19:26:18 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-12.xml [2011.05.13 21:03:44 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-13.xml [2011.11.10 16:04:41 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-14.xml [2010.09.09 22:19:04 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-2.xml [2010.09.12 15:12:35 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-3.xml [2010.09.22 20:43:46 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-4.xml [2010.10.24 15:26:17 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-5.xml [2010.11.08 17:54:25 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-6.xml [2010.11.09 17:33:24 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-7.xml [2010.11.09 22:32:39 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-8.xml [2011.01.02 18:41:26 | 000,000,950 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin-9.xml [2012.01.04 14:54:58 | 000,000,168 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin.gif [2012.01.04 14:54:58 | 000,000,618 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin.src [2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\icqplugin.xml [2011.02.03 11:27:44 | 000,002,062 | ---- | M] () -- C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\Profiles\xkffezr1.default\searchplugins\qip-search.xml [2011.05.29 12:14:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.06.25 10:59:20 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX () (No name found) -- C:\USERS\SEPPEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XKFFEZR1.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\USERS\SEPPEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XKFFEZR1.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM.XPI [2011.05.29 13:38:49 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011.05.29 13:38:59 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.05.29 13:38:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.05.29 13:38:59 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.05.29 13:38:59 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.05.29 13:38:59 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.05.29 13:38:59 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.01.11 23:50:45 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Seppel\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Seppel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKCU..\Run: [Firefox helper] C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\firefox.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Free YouTube Download - C:\Users\Seppel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Seppel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA766D94-3628-4B9F-8F06-514C5AC4BD41}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E53DA40E-12E5-4ADE-836C-A72D5CE2BC87}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE2B44C2-732C-4E0F-AAEB-C3F47C358FEC}: DhcpNameServer = 139.7.30.126 139.7.30.125 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{07b0766b-2178-11e0-ab42-001d609e7e57}\Shell - "" = AutoRun O33 - MountPoints2\{07b0766b-2178-11e0-ab42-001d609e7e57}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{49673f93-c100-11df-a14e-001d609e7e57}\Shell - "" = AutoRun O33 - MountPoints2\{49673f93-c100-11df-a14e-001d609e7e57}\Shell\AutoRun\command - "" = F:\SETUP.EXE O33 - MountPoints2\{49673f93-c100-11df-a14e-001d609e7e57}\Shell\configure\command - "" = F:\SETUP.EXE O33 - MountPoints2\{49673f93-c100-11df-a14e-001d609e7e57}\Shell\install\command - "" = F:\SETUP.EXE O33 - MountPoints2\{9d0a231d-e1a6-11df-9d5e-001d609e7e57}\Shell - "" = AutoRun O33 - MountPoints2\{9d0a231d-e1a6-11df-9d5e-001d609e7e57}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{9d0a23ac-e1a6-11df-9d5e-001d609e7e57}\Shell - "" = AutoRun O33 - MountPoints2\{9d0a23ac-e1a6-11df-9d5e-001d609e7e57}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) MsConfig - StartUpReg: PDFPrint - hkey= - key= - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH) MsConfig - StartUpReg: SearchSettings - hkey= - key= - File not found CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2012.01.14 10:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.01.14 10:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.01.14 10:07:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.12.30 01:55:33 | 000,000,000 | ---D | C] -- C:\Users\Seppel\AppData\Roaming\dvdcss [2011.12.27 12:44:21 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2011.12.27 12:44:09 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011.12.27 12:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012 [2011.12.27 12:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012 [2011.12.27 12:39:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011.12.26 16:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.12.26 16:12:19 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [1 C:\Users\Seppel\Documents\*.tmp files -> C:\Users\Seppel\Documents\*.tmp -> ] [1 C:\Users\Seppel\Desktop\*.tmp files -> C:\Users\Seppel\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.22 13:17:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.20 22:29:39 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.20 22:29:39 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.20 15:38:24 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2012.01.07 11:06:58 | 000,696,870 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.01.07 11:06:58 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.01.07 11:06:58 | 000,148,134 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.01.07 11:06:58 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.01.06 18:47:12 | 001,004,681 | ---- | M] () -- C:\Users\Seppel\Desktop\Kartellrecht Fall 7.jpg [2012.01.04 14:40:12 | 001,093,220 | ---- | M] () -- C:\Users\Seppel\Desktop\Social_Media_Hypovereinsabnkpw-1111-sh-2.pdf [2011.12.30 12:35:14 | 003,806,810 | ---- | M] () -- C:\Users\Seppel\Desktop\Memo.m4a [2011.12.27 12:44:00 | 000,002,166 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.12.27 12:44:00 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2011.12.26 16:12:37 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.12.26 16:09:19 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [1 C:\Users\Seppel\Documents\*.tmp files -> C:\Users\Seppel\Documents\*.tmp -> ] [1 C:\Users\Seppel\Desktop\*.tmp files -> C:\Users\Seppel\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.06 18:47:06 | 001,004,681 | ---- | C] () -- C:\Users\Seppel\Desktop\Kartellrecht Fall 7.jpg [2012.01.04 14:40:12 | 001,093,220 | ---- | C] () -- C:\Users\Seppel\Desktop\Social_Media_Hypovereinsabnkpw-1111-sh-2.pdf [2011.12.30 12:35:11 | 003,806,810 | ---- | C] () -- C:\Users\Seppel\Desktop\Memo.m4a [2011.12.27 12:44:00 | 000,002,166 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2011.12.27 12:43:59 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk [2011.12.27 12:43:57 | 000,002,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk [2011.12.26 16:12:37 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011.12.26 16:09:19 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk [2011.11.01 14:41:07 | 000,149,724 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.10.14 12:38:44 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.07.12 17:14:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2011.05.27 21:23:52 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.02.25 23:24:25 | 001,743,232 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2011.02.25 23:24:24 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2011.01.19 14:34:13 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat [2010.10.26 11:51:07 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.10.26 11:51:07 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD7010.DAT [2010.09.26 16:36:10 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat [2010.08.04 10:10:42 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2010.08.04 10:10:41 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2010.05.15 16:57:48 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010.04.09 22:04:21 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010.03.19 22:24:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009.07.14 09:47:43 | 000,696,870 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 09:47:43 | 000,148,134 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 05:33:53 | 000,431,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 03:05:48 | 000,652,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 03:05:48 | 000,121,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.18 19:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2009.06.16 12:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009.02.18 17:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe [2009.02.03 20:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe [2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll ========== LOP Check ========== [2011.04.22 18:46:32 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\4Media [2010.03.19 23:18:28 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Ashampoo [2010.09.26 22:36:57 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\avidemux [2010.10.27 10:52:47 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Bytemobile [2010.04.09 22:04:33 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Canneverbe Limited [2010.09.19 22:41:02 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\DAEMON Tools Lite [2010.08.25 13:31:45 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\de.comdirect.ticker.CD5696F93DD370A1D14916944CB4AC4A409DD315.1 [2011.12.09 16:17:11 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\DVDVideoSoft [2011.11.28 11:31:02 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\DVDVideoSoftIEHelpers [2011.05.09 23:24:22 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\EurekaLog [2010.04.25 20:42:45 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\FAlterSoft [2010.09.26 21:25:22 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\GetRightToGo [2011.12.29 19:04:15 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\ICQ [2010.05.06 11:40:40 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\ImgBurn [2011.10.18 11:54:43 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Juniper Networks [2010.09.26 22:03:43 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\mkvtoolnix [2010.03.21 18:05:05 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\NVD [2011.01.10 22:38:55 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\OpenOffice.org [2010.09.26 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\PMS [2010.07.19 12:38:06 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\QIP [2011.01.15 11:56:35 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Raevh [2010.08.03 16:25:33 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Red Kawa [2010.07.28 11:59:09 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Regensoft [2011.06.26 19:38:57 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\SoftGrid Client [2010.08.03 11:40:14 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\streamripper [2011.06.25 11:13:17 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Swiss Academic Software [2010.03.21 12:25:12 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\TeamViewer [2010.03.21 18:05:13 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\TP [2011.12.27 12:43:14 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\TuneUp Software [2010.06.08 23:39:50 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Uqopux [2010.10.27 10:52:59 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Vodafone [2011.01.16 19:16:04 | 000,000,000 | ---D | M] -- C:\Users\Seppel\AppData\Roaming\Vodafone Mobile Connect [2012.01.09 00:10:56 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.01.10 15:32:02 | 000,000,000 | -H-D | M] -- C:\$AVG [2010.06.22 10:26:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2008.07.16 22:52:57 | 000,000,000 | ---D | M] -- C:\ADSM_PData_0150 [2011.07.04 11:24:33 | 000,000,000 | -HSD | M] -- C:\Boot [2012.01.14 10:52:30 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.03.19 22:46:38 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2010.07.05 12:52:30 | 000,000,000 | -HSD | M] -- C:\found.000 [2011.07.03 12:10:55 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.01.14 10:51:05 | 000,000,000 | R--D | M] -- C:\Program Files [2011.12.27 12:39:37 | 000,000,000 | -H-D | M] -- C:\ProgramData [2010.03.19 22:46:38 | 000,000,000 | -HSD | M] -- C:\Programme [2010.03.19 22:46:39 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.10.15 19:24:46 | 000,000,000 | -H-D | M] -- C:\Recycle.Bin [2012.01.18 10:46:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.03.19 22:46:53 | 000,000,000 | R--D | M] -- C:\Users [2009.09.17 11:55:59 | 000,000,000 | ---D | M] -- C:\VirtualDJPortable [2012.01.20 22:30:56 | 000,000,000 | ---D | M] -- C:\Windows [2010.05.05 19:51:34 | 000,000,000 | ---D | M] -- C:\Windows7Install < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTORV.SYS > [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys [2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll [2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys [2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll [2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll [2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > < %USERPROFILE%\*.* > [2009.12.02 09:35:14 | 000,051,698 | ---- | M] () -- C:\Users\Seppel\NeleJan.jpg [2012.01.22 13:32:26 | 007,340,032 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat [2012.01.22 13:32:26 | 000,262,144 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat.LOG1 [2010.03.19 22:46:53 | 000,000,000 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat.LOG2 [2010.06.25 10:52:24 | 000,065,536 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{4a6fb532-803c-11df-adcb-001d609e7e57}.TM.blf [2010.06.25 10:52:24 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{4a6fb532-803c-11df-adcb-001d609e7e57}.TMContainer00000000000000000001.regtrans-ms [2010.06.25 10:52:24 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{4a6fb532-803c-11df-adcb-001d609e7e57}.TMContainer00000000000000000002.regtrans-ms [2010.03.20 01:53:49 | 000,065,536 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.03.20 01:53:49 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.03.20 01:53:49 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2011.10.15 19:21:41 | 000,065,536 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{735633c4-f656-11e0-8720-001d609e7e57}.TM.blf [2011.10.15 19:21:41 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{735633c4-f656-11e0-8720-001d609e7e57}.TMContainer00000000000000000001.regtrans-ms [2011.10.15 19:21:41 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{735633c4-f656-11e0-8720-001d609e7e57}.TMContainer00000000000000000002.regtrans-ms [2011.07.03 11:54:49 | 000,065,536 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{c6ad8f5c-a562-11e0-8161-001d609e7e57}.TM.blf [2011.07.03 11:54:49 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{c6ad8f5c-a562-11e0-8161-001d609e7e57}.TMContainer00000000000000000001.regtrans-ms [2011.07.03 11:54:49 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\ntuser.dat{c6ad8f5c-a562-11e0-8161-001d609e7e57}.TMContainer00000000000000000002.regtrans-ms [2010.11.24 20:56:52 | 000,065,536 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{fd0b6e00-f7fc-11df-b9ae-001d609e7e57}.TM.blf [2010.11.24 20:56:52 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{fd0b6e00-f7fc-11df-b9ae-001d609e7e57}.TMContainer00000000000000000001.regtrans-ms [2010.11.24 20:56:52 | 000,524,288 | -HS- | M] () -- C:\Users\Seppel\NTUSER.DAT{fd0b6e00-f7fc-11df-b9ae-001d609e7e57}.TMContainer00000000000000000002.regtrans-ms [2010.03.19 22:46:54 | 000,000,020 | -HS- | M] () -- C:\Users\Seppel\ntuser.ini [2010.06.02 21:25:24 | 000,000,073 | ---- | M] () -- C:\Users\Seppel\pmp_usb.ini [2010.06.10 10:04:09 | 000,016,384 | -HS- | M] () -- C:\Users\Seppel\Thumbs.db < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < End of report > und die Extras.txt.: OTL Extras logfile created on: 22.01.2012 13:24:21 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Seppel\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,60 Gb Available Physical Memory | 80,02% Memory free 4,00 Gb Paging File | 3,62 Gb Available in Paging File | 90,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 1,47 Gb Free Space | 1,97% Space Free | Partition Type: NTFS Drive D: | 67,69 Gb Total Space | 64,49 Gb Free Space | 95,28% Space Free | Partition Type: NTFS Drive J: | 3,73 Gb Total Space | 0,00 Gb Free Space | 0,13% Space Free | Partition Type: FAT32 Computer Name: SEPPEL´S-PC | User Name: Seppel | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D576CAB-1261-32DB-7491-6B645AA574CC}" = comdirect BörsenTicker "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel "{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4 "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE) "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1" = Free Video Cutter 1.1 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Bonjour-Druckdienste "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AntiPlagiarist_is1" = AntiPlagiarist 2.2 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "CCleaner" = CCleaner "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "de.comdirect.ticker.CD5696F93DD370A1D14916944CB4AC4A409DD315.1" = comdirect BörsenTicker "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "Easy Video Splitter_is1" = Easy Video Splitter 1.28 "Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.1 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8 "Free YouTube Download_is1" = Free YouTube Download version 3.0.18.1123 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206 "FreePDF_XP" = FreePDF (Remove only) "GPL Ghostscript 8.71" = GPL Ghostscript 8.71 "GPL Ghostscript 9.00" = GPL Ghostscript 9.00 "ICQToolbar" = ICQ Toolbar "ImgBurn" = ImgBurn "iSkysoft Video Converter_is1" = iSkysoft Video Converter(Build 2.2.0.0) "JDownloader" = JDownloader "Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0 "Juniper Network Connect 7.1.0" = Juniper Networks Network Connect 7.1.0 "Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "MIDI Klavier_is1" = MIDI Klavier 1.0.1 "MKVtoolnix" = MKVtoolnix 4.6.0 "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9) "Native Instruments Traktor DJ Studio 3" = Native Instruments Traktor DJ Studio 3 "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "PDF Blender" = PDF Blender "PokerStars.net" = PokerStars.net "PS3 Video 9" = PS3 Video 9 6 "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Steam App 300" = Day of Defeat: Source "StoppUhr" = StoppUhr "Streamripper" = Streamripper (Remove only) "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Uninstall_is1" = Uninstall 1.0.0.1 "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam "Videora iPhone 3G Converter" = Videora iPhone 3G Converter 5 "VLC media player" = VLC media player 1.0.1 "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR "YouTube Downloader App" = YouTube Downloader App 2.00 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client "QIP Infium" = QIP Infium 2.0.9036 "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 22.07.2011 10:45:27 | Computer Name = Seppel´s-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 24.07.2011 12:44:58 | Computer Name = Seppel´s-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Setup.exe_Microsoft Setup Bootstrapper, Version: 14.0.4755.1000, Zeitstempel: 0x4b989df1 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bc21 ID des fehlerhaften Prozesses: 0x1740 Startzeit der fehlerhaften Anwendung: 0x01cc4a20ffdacc42 Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\ole32.dll Berichtskennung: 440cf60e-b614-11e0-98d5-001d609e7e57 Error - 24.07.2011 12:46:07 | Computer Name = Seppel´s-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Setup.exe_Microsoft Setup Bootstrapper, Version: 14.0.4755.1000, Zeitstempel: 0x4b989df1 Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bc21 ID des fehlerhaften Prozesses: 0x1dd0 Startzeit der fehlerhaften Anwendung: 0x01cc4a2123ca63e6 Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\ole32.dll Berichtskennung: 6d3bb57d-b614-11e0-98d5-001d609e7e57 Error - 25.07.2011 06:11:59 | Computer Name = Seppel´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig. . Error - 25.07.2011 06:12:23 | Computer Name = Seppel´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig. . Error - 25.07.2011 06:12:53 | Computer Name = Seppel´s-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig. . Error - 26.07.2011 07:00:15 | Computer Name = Seppel´s-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 9.3.0.148, Zeitstempel: 0x4b309800 Name des fehlerhaften Moduls: Updater.api_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4b307543 Ausnahmecode: 0xc0000005 Fehleroffset: 0x69bbcfc2 ID des fehlerhaften Prozesses: 0x1c04 Startzeit der fehlerhaften Anwendung: 0x01cc4b8326428cf6 Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe Pfad des fehlerhaften Moduls: Updater.api Berichtskennung: 708f4da2-b776-11e0-98d5-001d609e7e57 Error - 26.07.2011 07:00:34 | Computer Name = Seppel´s-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 9.3.0.148, Zeitstempel: 0x4b309800 Name des fehlerhaften Moduls: Updater.api_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4b307543 Ausnahmecode: 0xc0000005 Fehleroffset: 0x69baa265 ID des fehlerhaften Prozesses: 0x1c04 Startzeit der fehlerhaften Anwendung: 0x01cc4b8326428cf6 Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe Pfad des fehlerhaften Moduls: Updater.api Berichtskennung: 7c161067-b776-11e0-98d5-001d609e7e57 Error - 26.07.2011 10:44:19 | Computer Name = Seppel´s-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 9.3.0.148, Zeitstempel: 0x4b309800 Name des fehlerhaften Moduls: AcroRd32.dll, Version: 9.3.0.148, Zeitstempel: 0x4b307339 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0052bde3 ID des fehlerhaften Prozesses: 0x1e14 Startzeit der fehlerhaften Anwendung: 0x01cc4b96a60e77dd Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe Pfad des fehlerhaften Moduls: C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.dll Berichtskennung: be21a4eb-b795-11e0-98d5-001d609e7e57 Error - 27.07.2011 09:36:48 | Computer Name = Seppel´s-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. [ Media Center Events ] Error - 11.08.2011 06:03:46 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 12:03:45 - Fehler beim Herstellen der Internetverbindung. 12:03:46 - Serververbindung konnte nicht hergestellt werden.. Error - 11.08.2011 06:04:19 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 12:03:52 - Fehler beim Herstellen der Internetverbindung. 12:03:52 - Serververbindung konnte nicht hergestellt werden.. Error - 14.08.2011 05:22:07 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:22:07 - Fehler beim Herstellen der Internetverbindung. 11:22:07 - Serververbindung konnte nicht hergestellt werden.. Error - 14.08.2011 05:22:18 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:22:12 - Fehler beim Herstellen der Internetverbindung. 11:22:12 - Serververbindung konnte nicht hergestellt werden.. Error - 23.08.2011 05:24:58 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:24:58 - Fehler beim Herstellen der Internetverbindung. 11:24:58 - Serververbindung konnte nicht hergestellt werden.. Error - 23.08.2011 05:25:12 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:25:04 - Fehler beim Herstellen der Internetverbindung. 11:25:04 - Serververbindung konnte nicht hergestellt werden.. Error - 24.08.2011 05:03:43 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:03:43 - Fehler beim Herstellen der Internetverbindung. 11:03:43 - Serververbindung konnte nicht hergestellt werden.. Error - 24.08.2011 05:04:56 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 11:04:04 - Fehler beim Herstellen der Internetverbindung. 11:04:04 - Serververbindung konnte nicht hergestellt werden.. Error - 31.08.2011 04:01:09 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 10:01:09 - Fehler beim Herstellen der Internetverbindung. 10:01:09 - Serververbindung konnte nicht hergestellt werden.. Error - 31.08.2011 04:01:31 | Computer Name = Seppel´s-PC | Source = MCUpdate | ID = 0 Description = 10:01:15 - Fehler beim Herstellen der Internetverbindung. 10:01:15 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 22.01.2012 08:34:26 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:37:40 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:37:40 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:37:40 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:26 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:26 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:26 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:38 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:38 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 22.01.2012 08:39:38 | Computer Name = Seppel´s-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 < End of report > Ich wäre euch total Dankbar wenn ihr mir helfen könntet  Stecke gerade in meiner Klausurenphase und bin sehr auf mein Notbook angewiesen Beste Grüße Jan |
|
22.01.2012, 17:28
| #2 |
| /// Malware-holic   | Windows Betriebssystem blockiert-50€ Strafe Kritische Grenze Bitte um eure Hilfe Danke :) hi
__________________dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - HKCU..\Run: [Firefox helper] C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
:Files
C:\Users\Seppel\AppData\Roaming\Mozilla\Firefox\firefox.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Drücke bitte die  + E Taste.
__________________ |
|
| Themen zu Windows Betriebssystem blockiert-50€ Strafe Kritische Grenze Bitte um eure Hilfe Danke :) |
| antivir, avira, bho, bonjour, bootstrapper, cdburnerxp, converter, defender, desktop, document, emsisoft, emsisoft anti-malware, excel.exe, explorer, fehler, firefox, format, infizierte, install.exe, jdownloader, langs, logfile, microsoft, microsoft office word, mp3, nvidia, nvstor.sys, object, plug-in, registry, required, richtlinie, rundll, safer networking, seiten, senden, software, studio, usb 2.0, version=1.0, video converter, vodafone, webcheck, windows, winlogon.exe, youtube downloader |
Linear-Darstellung
