Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC friert ein mit Piep, aber nur bei Anmeldung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 26.08.2012, 15:00   #1
oelli
 
PC friert ein mit Piep, aber nur bei Anmeldung - Standard

PC friert ein mit Piep, aber nur bei Anmeldung



Hallo,

mein PC friert kurz nach dem Anmelden ein; zunächst nimmt Windows keine Tastatur/MAus mehr an, danach piept er kurz und der Mauszeiger bewegt sich nicht mehr.

Im nicht angmeldeten Zustand gibt es kein problem.

Ich habe einen Scan mit OTL vorbereitet, den ich aufgrund des Einfrierens leider nur im angesicherten Zustand ausführen konnte.

P.S.: der letzte Scan mit Malwarebytes Pro (vor dem Einfrieren) hat mir FileZilla als Problem gemeldet, das verwende ich aber bereist seit Jahren, ohne daß es Stress gab, insofern vertraue ich dem Programm.

Gruss

Jens

Hier der OTL Log:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26.08.2012 15:52:55 - Run 4
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Dokumente und Einstellungen\JO\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,63% Memory free
5,34 Gb Paging File | 5,11 Gb Available in Paging File | 95,64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 116,21 Gb Total Space | 78,65 Gb Free Space | 67,68% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 81,46 Gb Free Space | 34,98% Space Free | Partition Type: NTFS
Drive T: | 112,51 Gb Total Space | 14,97 Gb Free Space | 13,30% Space Free | Partition Type: NTFS
 
Computer Name: JC-PC-02 | User Name: JO | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\thomevnp.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (domovea_Service) -- C:\Programme\hager\domovea\Bin\Server\domovea_Service.exe (Hager Controls S.A.S)
SRV - (GiraControl) -- C:\Programme\GIRA\GiraControl\GC_Service.exe (Gira)
SRV - (nwtsrv) -- C:\Programme\FRITZ!Fernzugang\nwtsrv.exe (AVM Berlin)
SRV - (certsrv) -- C:\Programme\FRITZ!Fernzugang\certsrv.exe (AVM Berlin)
SRV - (avmike) -- C:\Programme\FRITZ!Fernzugang\avmike.exe (AVM Berlin)
SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (ThreatFire) -- C:\Programme\Spyware Doctor\TFEngine\TFService.exe (PC Tools)
SRV - (FileZilla Server) -- C:\Programme\FileZilla Server\FileZilla server.exe (FileZilla Project)
SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe ()
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SolidWorks Licensing Service) -- C:\Programme\Gemeinsame Dateien\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (SentinelProtectionServer) -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SentinelKeysServer) -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (WinVNC4) -- C:\Programme\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Miramar AppleTalk Print Server) -- C:\Programme\Miramar\PC MACLAN\ATSPOOL.EXE (Miramar Systems Inc.)
SRV - (Miramar AppleTalk File Server) -- C:\Programme\Miramar\PC MACLAN\ATSERVER.EXE (Miramar Systems Inc.)
SRV - (ATMsg) -- C:\Programme\Miramar\PC MACLAN\ATMSG.EXE (Miramar Systems Inc.)
SRV - (RetroLauncher) -- C:\Programme\Dantz\Retrospect\launcher.exe (Dantz Development Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\DOKUME~1\JO\LOKALE~1\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.)
DRV - (CtrnWinUsbLowerFilter) -- C:\WINDOWS\system32\drivers\CtrnWinUsbLowerFilter.sys (Crestron Electronics Inc.)
DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools)
DRV - (RsFx0150) -- C:\WINDOWS\system32\drivers\RsFx0150.sys (Microsoft Corporation)
DRV - (NWIM) -- C:\WINDOWS\system32\drivers\avmnwim.sys (AVM Berlin)
DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools)
DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools)
DRV - (TfSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools)
DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (WIBUKEY) -- C:\WINDOWS\system32\drivers\WibuKey.sys (WIBU-SYSTEMS AG)
DRV - (eusk3usb) -- C:\WINDOWS\system32\drivers\eusk3usb.sys (Eutron)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (npdrv) -- C:\WINDOWS\system32\drivers\npdrv.sys (Moxa Inc. )
DRV - (Wibukey2) -- C:\WINDOWS\system32\drivers\Wibukey2.sys (WIBU-SYSTEMS AG)
DRV - (Haspnt) -- C:\WINDOWS\system32\drivers\Haspnt.sys (Aladdin Knowledge Systems)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (skeyusb) -- C:\WINDOWS\system32\drivers\skeyusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (eusk2par) -- C:\WINDOWS\system32\drivers\eusk2par.sys (Aladdin Knowledge Systems Ltd.)
DRV - (thomedav) -- C:\WINDOWS\system32\drivers\thomedav.sys ()
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (Sentinel) -- C:\WINDOWS\system32\drivers\sentinel.sys (SafeNet, Inc.)
DRV - (monfilt) -- C:\WINDOWS\system32\drivers\monfilt.sys (Creative Technology Ltd.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (SNTNLUSB) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (SafeNet, Inc.)
DRV - (NHCIMONO_L) -- C:\WINDOWS\system32\drivers\nhcimonoL.sys (Lantronix)
DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.)
DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (atfsd) -- C:\WINDOWS\system32\drivers\ATFSD.SYS (Miramar Systems Inc.)
DRV - (atalk) -- C:\WINDOWS\system32\drivers\ATALK.SYS (Miramar Systems Inc.)
DRV - (Pei16Wdm) -- C:\WINDOWS\system32\drivers\Pei16Wdm.sys (EIBA s.c.)
DRV - (Pei10Wdm) -- C:\WINDOWS\system32\drivers\Pei10Wdm.sys (EIBA s.c.)
DRV - (ElgTaDrv) -- C:\WINDOWS\system32\drivers\ElgTaDrv.sys (elmeg Kommunikationstechnik)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.23 13:46:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.05.30 15:18:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.06.18 08:14:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2012.05.30 15:18:51 | 000,000,000 | ---D | M]
 
[2010.01.05 12:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Extensions
[2010.01.05 12:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.03 17:49:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Firefox\Profiles\ilqxafgf.default\extensions
[2010.05.03 15:02:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Firefox\Profiles\ilqxafgf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.11 04:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.03.07 16:20:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.23 13:46:41 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2008.01.16 02:28:50 | 000,155,648 | ---- | M] (Solidworks Corporation) -- C:\Programme\mozilla firefox\plugins\npEModelPlugin.dll
[2009.07.09 09:00:33 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Programme\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.06.07 10:38:47 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.07 10:38:47 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.07 10:38:47 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.07 10:38:47 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.07 10:38:47 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.07 10:38:47 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.10.19 08:32:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\Toolbar\ShellBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FileZilla Server Interface] C:\Programme\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Miramar Systems, Inc.] C:\Programme\Miramar\PC MACLAN\ATMSG.EXE (Miramar Systems Inc.)
O4 - HKLM..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia Mobile Phones)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Lantronix UBox USB Device Server Task.lnk = C:\Programme\Lantronix\UBox\nhciTaskL.exe (Lantronix)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\OKI LPR Utility.lnk = C:\Programme\Okidata\OKI LPR Utility\okilpr.exe (Oki Data Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\STRATO HiDrive.lnk = C:\Programme\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..Trusted Ranges: Range1 ([http] in Trusted sites)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class)
O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.0.101/XPanel.cab (XPanel Class)
O16 - DPF: {673204A0-F8B3-4090-8506-80658C5D02C6} hxxp://192.168.0.101/nwcv3setup.exe (WebVideoCtrl Class)
O16 - DPF: {6F83F815-49D0-46BB-A81C-A9D18C33A0E7} hxxp://192.168.0.201/cab/Dibos80.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {F184A6DA-2B5A-4507-8555-C05C5C5C9A9B} https://knapp-wfer.dyndns.org:7777/itcclient.cab (ITCClient Control)
O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.0.101/XInit.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50A9C4EB-F707-4899-8AE5-E053B5600E5D}: DhcpNameServer = 192.168.0.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50A9C4EB-F707-4899-8AE5-E053B5600E5D}: NameServer = 192.168.0.3,192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.26 15:36:34 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe
[2011.03.05 19:58:55 | 000,540,672 | ---- | C] (www.hsinfoman.de) -- C:\Programme\c-move.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.26 15:55:31 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.08.26 15:52:17 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe
[2012.08.26 15:42:44 | 047,519,955 | ---- | M] (                                                            ) -- C:\Dokumente und Einstellungen\JO\Desktop\setup_9.0.0.722_26.08.2012_12-35.exe
[2012.08.26 15:38:57 | 000,640,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.08.26 15:38:57 | 000,605,538 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.26 15:38:57 | 000,151,514 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.08.26 15:38:57 | 000,128,720 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.08.26 15:36:16 | 000,001,333 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\T.lnk
[2012.08.26 15:35:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.26 15:34:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.26 15:28:57 | 000,186,500 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.08.26 15:28:53 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.26 14:54:01 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.24 18:24:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.24 17:38:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.24 15:34:46 | 000,004,174 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker Stückliste.pdf
[2012.08.24 15:34:41 | 000,005,520 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker partslist.bsl
[2012.08.24 11:26:20 | 000,004,161 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2012.08.24 09:55:26 | 000,001,630 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[2012.08.18 08:05:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.08.15 18:38:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.15 18:38:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.15 18:38:15 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.08.13 15:21:11 | 000,707,418 | ---- | M] () -- C:\WINDOWS\unins000.exe
[2012.08.13 15:21:11 | 000,004,606 | ---- | M] () -- C:\WINDOWS\unins000.dat
[2012.08.09 11:40:50 | 000,019,901 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Paketschein.pdf
 
========== Files Created - No Company Name ==========
 
[2012.08.26 15:37:58 | 047,519,955 | ---- | C] (                                                            ) -- C:\Dokumente und Einstellungen\JO\Desktop\setup_9.0.0.722_26.08.2012_12-35.exe
[2012.08.24 15:26:26 | 000,004,174 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker Stückliste.pdf
[2012.08.24 15:09:29 | 000,005,520 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker partslist.bsl
[2012.07.11 18:10:51 | 000,142,016 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.07.09 17:50:57 | 000,000,210 | ---- | C] () -- C:\WINDOWS\{D9C15833-DBC0-418C-B27E-921E2534F834}_WiseFW.ini
[2012.06.04 09:52:41 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2012.03.12 19:20:21 | 000,000,128 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2012.02.16 03:58:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.13 18:17:45 | 000,000,092 | ---- | C] () -- C:\WINDOWS\BJE_RC20PlugIn.INI
[2012.02.13 15:21:26 | 000,000,024 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Mediaport.conf
[2011.06.28 11:15:43 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2011.06.28 11:13:12 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.03.16 09:24:43 | 000,707,418 | ---- | C] () -- C:\WINDOWS\unins001.exe
[2011.03.16 09:24:43 | 000,002,960 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2011.03.05 19:58:56 | 000,374,857 | ---- | C] () -- C:\Programme\c-move_F.chm
[2011.03.05 19:58:55 | 000,416,473 | ---- | C] () -- C:\Programme\c-move.chm
[2011.02.23 16:07:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2011.02.08 14:23:42 | 000,659,824 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-682003330-362288127-1801674531-1003-0.dat
[2011.02.08 14:23:41 | 000,140,446 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2010.10.19 08:28:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.10.19 08:28:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.10.19 08:28:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.10.19 08:28:11 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.10.19 08:28:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.09.30 10:40:46 | 000,707,418 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2010.09.30 10:40:46 | 000,004,606 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010.09.21 10:28:07 | 000,040,544 | ---- | C] () -- C:\WINDOWS\System32\CtrnDCls2.dll
[2010.09.09 11:57:18 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\ADAMTCP.dll
[2010.09.09 11:57:17 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\adv5ktcp.dll
[2010.03.05 12:14:13 | 000,000,135 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.12.02 15:19:26 | 000,014,848 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2010.06.04 11:13:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3rd Eye Solutions
[2010.11.01 14:01:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVM
[2011.09.23 10:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Crestron
[2009.08.12 07:38:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elka Shared
[2012.04.10 10:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2010.06.24 09:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GAEB-Viewer
[2012.06.21 10:06:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gira
[2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GKsrv
[2012.01.24 13:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2012.06.15 08:26:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KNX
[2010.03.08 13:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Medialon
[2009.11.30 10:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MediaMatrix
[2012.07.09 17:51:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Power-Tool
[2012.08.26 15:27:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.09.23 13:19:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.04.28 11:25:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Centra
[2012.07.11 13:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Crestron
[2012.08.26 15:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox
[2009.11.20 12:34:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\EIBA sc
[2012.04.10 10:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\elsterformular
[2009.06.16 10:56:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Foxit
[2012.08.24 10:10:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Foxit Software
[2012.01.24 13:49:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\FRITZ!
[2012.01.24 13:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\FRITZ!fax für FRITZ!Box
[2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\GAEB-Viewer
[2012.06.21 10:06:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Gira
[2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\GKsrv
[2012.03.12 19:14:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\hager
[2012.02.07 18:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\HS+FS Experte 2.7
[2012.06.25 15:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\IPP2
[2011.08.18 11:39:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Leadertech
[2012.06.07 08:39:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mobotix
[2009.06.18 08:46:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\OpenOffice.org
[2012.03.20 09:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Saba
[2011.04.20 18:10:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\STRATO
[2012.04.13 13:35:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\TeamViewer
[2010.01.05 12:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Thunderbird
[2010.01.21 15:01:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\TPDesign4
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 164 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8

< End of report >
         
--- --- ---


Hier die OTL-Extras.txt:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 26.08.2012 15:52:55 - Run 4
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Dokumente und Einstellungen\JO\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,63% Memory free
5,34 Gb Paging File | 5,11 Gb Available in Paging File | 95,64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 116,21 Gb Total Space | 78,65 Gb Free Space | 67,68% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 81,46 Gb Free Space | 34,98% Space Free | Partition Type: NTFS
Drive T: | 112,51 Gb Total Space | 14,97 Gb Free Space | 13,30% Space Free | Partition Type: NTFS
 
Computer Name: JC-PC-02 | User Name: JO | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"548:TCP" = 548:TCP:*:Disabled:Apple Share IP
"548:UDP" = 548:UDP:*:Disabled:Apple Share IP
"5800:TCP" = 5800:TCP:*:Enabled:VNC
"5900:TCP" = 5900:TCP:*:Enabled:VNC
"10010:TCP" = 10010:TCP:*:Enabled:UBOX
"10010:UDP" = 10010:UDP:*:Enabled:UBOX
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"5031:TCP" = 5031:TCP:*:Enabled:FritzFax
"5031:UDP" = 5031:UDP:*:Enabled:FritzFax
"4504:TCP" = 4504:TCP:*:Enabled:domovea for VPN
"4505:TCP" = 4505:TCP:*:Enabled:domovea for ICE
"2899:TCP" = 2899:TCP:*:Enabled:domovea for webserver
"2900:TCP" = 2900:TCP:*:Enabled:domovea for UPnP discovery
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\NPortAdminSuite\bin\npadmer.exe" = C:\Programme\NPortAdminSuite\bin\npadmer.exe:*:Enabled:npadmer -- ()
"C:\Programme\Claris Corp\FileMaker Pro 4.0\FileMaker Pro.exe" = C:\Programme\Claris Corp\FileMaker Pro 4.0\FileMaker Pro.exe:*:Enabled:FileMaker Pro -- (Claris Corporation)
"C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc)
"C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" = C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server -- (SafeNet, Inc.)
"C:\Programme\Aston\WinSwitch3\WSEDITOR.exe" = C:\Programme\Aston\WinSwitch3\WSEDITOR.exe:*:Enabled:WinSwitch Editor -- (ASTON GmbH)
"C:\Programme\Aston\WinSwitch3\WSKERNEL.exe" = C:\Programme\Aston\WinSwitch3\WSKERNEL.exe:*:Enabled:Classic Runtime / Professional Server -- (ASTON GmbH)
"C:\Programme\EIB-Programme\Power-Tool\ToolBApp.exe" = C:\Programme\EIB-Programme\Power-Tool\ToolBApp.exe:*:Enabled:ToolBApp.exe -- (Busch-Jaeger Elektro GmbH)
"C:\Programme\IPP\ipp.bin" = C:\Programme\IPP\ipp.bin:*:Enabled:ipp -- ()
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Ets\EtsNg.exe" = C:\Programme\Ets\EtsNg.exe:*:Enabled:ETS3 Professional -- (KNX Association)
"C:\Programme\Gemeinsame Dateien\EIBA sc\Falcon\Falcon.exe" = C:\Programme\Gemeinsame Dateien\EIBA sc\Falcon\Falcon.exe:*:Enabled:Falcon -- (KNX Association)
"C:\Programme\MediaMatrix\NWare 1.5.0\pandad.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\pandad.exe:*:Enabled:pandad -- ()
"C:\Programme\MediaMatrix\NWare 1.5.0\NWare.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\NWare.exe:*:Enabled:NWare Application -- (Peavey Electronics)
"C:\Programme\MediaMatrix\NWare 1.5.0\pion_emulator.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\pion_emulator.exe:*:Disabled:pion_emulator -- ()
"C:\Programme\GIRA\HS+FS\exp232\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp232\DE\hilfe.exe:*:Enabled:hilfe -- ()
"C:\Programme\Nexia\Nexia.exe" = C:\Programme\Nexia\Nexia.exe:*:Enabled:Nexia System Software Executable -- (Biamp Systems)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Programme\GIRA\HS+FS\exp232\DE\experte.exe" = C:\Programme\GIRA\HS+FS\exp232\DE\experte.exe:*:Enabled:experte -- ()
"C:\Programme\Medialon Manager 3\MedialonManager.exe" = C:\Programme\Medialon Manager 3\MedialonManager.exe:*:Enabled:Show & Media Control Software -- (Medialon)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\OpenVPN\bin\openvpn.exe" = C:\Programme\OpenVPN\bin\openvpn.exe:*:Enabled:openvpn -- ()
"C:\Programme\GIRA\HS+FS\exp240\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp240\DE\hilfe.exe:*:Enabled:hilfe -- ()
"C:\Programme\Dataton\WATCHOUT 4\WATCHMAKER.exe" = C:\Programme\Dataton\WATCHOUT 4\WATCHMAKER.exe:*:Enabled:WATCHOUT Production Software -- (Dataton AB)
"C:\Programme\Medialon\Medialon Manager 5\MXM\AppRemote.exe" = C:\Programme\Medialon\Medialon Manager 5\MXM\AppRemote.exe:*:Enabled:Medialon XObject Module -- (Medialon)
"C:\Programme\Dataton\WATCHOUT 4\WATCHPOINT.EXE" = C:\Programme\Dataton\WATCHOUT 4\WATCHPOINT.EXE:*:Enabled:WATCHOUT Display Software -- (Dataton AB)
"C:\Programme\Medialon\Medialon Manager 5\MedialonManager.exe" = C:\Programme\Medialon\Medialon Manager 5\MedialonManager.exe:*:Enabled:Medialon Manager 5.5.2 -- (Medialon)
"C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"D:\Installer\EIB\Hersteller\Gira\Homeserver\c-move.exe" = D:\Installer\EIB\Hersteller\Gira\Homeserver\c-move.exe:*:Enabled:c-move
"C:\Programme\ETS4\ETS4.exe" = C:\Programme\ETS4\ETS4.exe:*:Enabled:ETS4 -- (KNX Association cvba)
"C:\Programme\GIRA\HS+FS\exp250\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp250\DE\hilfe.exe:*:Enabled:hilfe -- ()
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\STRATO AG\STRATO HiDrive\openVPN\openvpn.exe" = C:\Programme\STRATO AG\STRATO HiDrive\openVPN\openvpn.exe:*:Enabled:openvpn -- ()
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\EIBA sc\Eagle\SybaseRT8\Win32\rteng8.exe" = C:\Programme\Gemeinsame Dateien\EIBA sc\Eagle\SybaseRT8\Win32\rteng8.exe:*:Disabled:Adaptive Server Anywhere Network Server -- (iAnywhere Solutions, Inc.)
"D:\11-200 CN HAW Finkenau\CRESTRON Projekt\CN\TPMC-8X_01_XPanel.xexe\bin\Xpanel.exe" = D:\11-200 CN HAW Finkenau\CRESTRON Projekt\CN\TPMC-8X_01_XPanel.xexe\bin\Xpanel.exe:*:Enabled:e-control 2 Module
"C:\Programme\GIRA\c-move.exe" = C:\Programme\GIRA\c-move.exe:*:Enabled:c-move -- (www.hsinfoman.de)
"C:\Programme\Harman Pro\London Architect\Main.exe" = C:\Programme\Harman Pro\London Architect\Main.exe:*:Enabled:HiQnet London Architect -- (BSS Audio)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\c-move.exe" = C:\Programme\c-move.exe:*:Enabled:c-move -- (www.hsinfoman.de)
"C:\Programme\Crestron\VMK-WIN\VmkWinTray.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinTray.exe:*:Enabled:Crestron VMK-WIN Tray
"C:\Programme\Crestron\VMK-WIN\VmkWinHelper.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinHelper.exe:*:Enabled:Crestron VMK-WIN Helper
"C:\Programme\Crestron\VMK-WIN\VmkWinAppHelper.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinAppHelper.exe:*:Enabled:Crestron VMK-WIN Application Helper
"C:\Programme\Crestron\VMK-WIN\VmkWinApp.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinApp.exe:*:Enabled:Crestron VMK-WIN Application
"C:\Programme\Bose\ControlSpace 2.200\bin\CSDesigner.exe" = C:\Programme\Bose\ControlSpace 2.200\bin\CSDesigner.exe:*:Enabled:ControlSpace Designer ver2.200 -- (Bose Corporation)
"C:\Programme\Bose\ControlSpace 2.200\bin\CSupdate.exe" = C:\Programme\Bose\ControlSpace 2.200\bin\CSupdate.exe:*:Enabled:ControlSpace Designer Firmware Update v2.200 -- (AuBit, Ltd. (JAPAN))
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-0000-0000-0000-000000000000}" = KNX eteC Falcon Runtime v1.7
"{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove)
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{0573BDB1-CD8C-4591-BA90-DFCAD8F8C5AE}_is1" = Crestron Engraver v5.04.020.01
"{08A7C6C5-394F-4335-B32F-28C938704D2F}" = Lantronix UBox USB Device Server
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15D6691B-73D3-41C7-87AF-CF685FE84D99}_is1" = MxEasy 1.5.1
"{1B52BC01-2F6E-4FAE-BB09-1F28D2BF1D63}_is1" = Crestron Toolbox 2.33.051.55
"{1B90A851-50F3-4040-B28B-07FAC963D50D}" = IT Tools For ETS3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20E9498A-B525-479B-8668-CCB91AB7F9C6}" = domovea Server
"{262D707F-6978-476D-8EFE-6A72AF32236C}" = PC MACLAN
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28B38A2B-05F0-45C9-BB93-3A419492D43C}" = Raum- / Controlpanel Software V1.3
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005
"{2CD48761-FFED-4D34-8087-222CA36C5575}" = EIBA OPC Export v1.2
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK
"{335424A2-2C4E-49F3-A066-58635269DB83}" = Sentinel Protection Installer 7.4.2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35695AD9-F477-478E-948F-1BAD4C986F21}" = IP-Project Macros für ETS
"{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E00C574-B650-401D-A898-4581AAD6CC74}" = STRATO HiDrive
"{4151A975-4546-45E5-92AD-F9AF3F68D24A}" = BJE Logic Time Plugin
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{4509D9E5-57F8-45B0-9091-4676D709FD7A}" = Microsoft SQL Server Native Client
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{48B30FAA-0262-4F96-9C4F-0B8C2E781C91}" = EIBA ETS PEI Driver Update v1.4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4C223826-2448-425F-9746-02395DD8450D}" = NWare 1.5.0
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4E021ED8-0141-40AC-88B7-99B92FB5FCE3}" = ShredIt for Windows
"{53585E8B-4E7F-4135-B3C2-EF06337E8448}" = Medialon Manager 5
"{5448C223-8C56-41C2-A292-65DE01556B6B}" = WATCHOUT 4
"{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.110
"{572880F8-A845-48E1-97B8-3800E9155B18}" = ETS3 Professional
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{5A3343F2-006E-4524-9654-CD4136F9A3C4}" = b+b EIBTools / FIAVis
"{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}" = AVM FRITZ!Fernzugang
"{60570530-B40D-40EC-8472-E13DA9050135}" = D-Nav Controls
"{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}_is1" = Crestron Device Database44.06.001.00
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows
"{71B06E52-A152-43DE-B414-C2DD22D81A25}" = Crestron MasterInstaller
"{7273A166-3420-4372-AE91-A450216823DB}" = Developer Tools for UPnP Technologies
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79555FF3-33D2-4DE2-89D3-5AA98D387070}" = London Architect
"{795A5DA8-D442-42B4-887F-8DCBC7D4AFA7}" = TP-Visu
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{82E6FC8A-535B-4852-A0EE-38AA7E0E8573}" = ControlSpace Designer ver2.200
"{857DA860-472D-483E-AC6E-B9D7DDCDB0BA}" = Microsoft Expression Design 3
"{85E064EA-4092-4E0C-871F-61594123E06F}" = EIBA iETS Client v1.3
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{892AAFA1-CBEE-419C-905D-BA2B728BB32A}" = GIRA TS3plus Plugin 1.0.0.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8B508184-4E86-41C9-BCFF-EF8B1C7EF2BF}_is1" = Crestron SIMPL Window 3.11.15.00
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{91853E08-7EF3-4C87-8D49-C6F9DBC4FE5A}" = GiraControl
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9543BDC2-B910-4ED8-AD92-B8B92040245D}" = KNX eteC Falcon Runtime v2.1
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B42A6A6-035B-43FC-A7AC-C99F1D084384}" = SIMPL Windows v2.12
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E52ACC4-ABB4-41A1-9D99-1229F0E3C0C2}_is1" = Crestron Database 33.01.004.01
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}" = KNX ETS4
"{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v4.0
"{AE7D0D42-842F-11D4-B1F0-0050DA8095DF}" = Retrospect 5.15
"{b17ff919-2d84-4f2a-94d1-4c5254d8924f}" = KNX eteC Falcon Runtime v2.0
"{B4FD7198-3B0D-4A2B-AF76-DA4BA70E9D8B}" = EIBA iETS Telegram Recorder Client v1.3
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B88DD411-AD46-4F89-A54F-575B0AA667C3}" = GAEB-Viewer
"{B9681EB8-76E5-4022-AE84-F6B7CE464554}" = KNX ETS4 Additional Runtime
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C885A1B2-184E-4C57-8C2B-78B250E1EFCA}" = Touchpanel Graphics v1.00
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD23CF22-1DA2-4351-B6C4-B1A2859C68AC}" = eDrawings 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files 
"{D9C15833-DBC0-418C-B27E-921E2534F834}" = Power-Tool
"{DE3F165D-D00A-ws-008-ETS3}_is1" = ETS3 - Wetterstation 2v06 Gira
"{DE3F165D-D00A-ws-012-ETS3}_is1" = ETS3 - Wetterstation 2v03 Merten
"{E11AC1A7-2F59-4911-90ED-E0B55D2101D6}" = Berker TS RTR Plugin 0.0.1.0
"{E304E05B-A86B-4B3C-BB57-9D0197442B09}" = Nokia PC Suite 4.81
"{E74BC26C-A114-4AE0-990E-BBFBB9F592A4}_is1" = Crestron VisionTools Pro-e 5.0.38.02
"{EA6DF39D-500E-4C3B-8B38-8675A798DB13}" = Text Overlay 2.0
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F074C96B-CBD0-4614-B4DA-E7A5B81CB721}" = Power-Project V4.5
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1028A20-AE8B-44CE-BBAA-155F66952FE7}" = Network Camera View3
"{F109A292-33BA-4A96-9C9F-1739AE72EB62}" = WIN-Tools - elmeg WIN-Tools V5.44
"{F15D925E-9E7E-4F8D-8F5F-803B6EF23A58}" = KNX eteC Falcon Runtime v1.7
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler
"{FB99852D-8340-4B3E-8051-3229879586C5}" = KNXTP1-IEC61131Controller-IpRouter
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ADAM-5000TCP-6000 Utility Ver 2.36" = ADAM-5000TCP-6000 Utility Ver 2.36
"ADAM-5000TCP-6000 Utility Ver 2.37" = ADAM-5000TCP-6000 Utility Ver 2.37
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AjaxVisu (Gira)" = AjaxVisu v2.2.090902
"Ask Toolbar_is1" = Foxit Toolbar
"Audia" = Audia
"Az008ETS3_is1" = ETS3 - Alarmzentrale Gira 1v06
"Biq006ETS3_is1" = ETS3 - B.IQ-Display Berker 1v08
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CCleaner" = CCleaner
"CentraClient" = Centra Client
"Clean Disk Security" = Clean Disk Security 7.81
"c-move" = c-move 3.9.0.43 
"ct008ETS3_is1" = ETS3 - InfoTerminal Touch Gira 1v01
"CtIp006ETS3_is1" = ETS3 - Master Control Berker 1v03
"CtIp008ETS3_is1" = ETS3 - InfoTerminal Touch 2072xx Gira 1v03
"D49FBD114E4911AD03D99ED034ADA88310A1915A" = Windows-Treiberpaket - Crestron Electronics Inc. (WinUSB) Crestron  (11/09/2010 3.0.0.0)
"DALIMonitor25" = DALI Monitor
"Design_6.0.1739.0" = Microsoft Expression Design 3
"DesignGenerator" = DesignGenerator v1.100721 RC
"DjVu" = LizardTech DjVu Control (autoinstall)
"ELKACOMM&135E&0145" = ELKA CP210x USB Device 0145 (Driver Removal)
"ElsterFormular 13.1.1.8531u" = ElsterFormular
"ETS2 V1.3" = ETS2 V1.3
"ETS3 Professional" = ETS3 Professional
"FileASSASSIN" = FileASSASSIN
"FileMaker Pro 4.0" = FileMaker Pro 4.0
"FileZilla" = FileZilla (remove only)
"FileZilla Server" = FileZilla Server (remove only)
"Foxit Reader_is1" = Foxit Reader
"FreePDF_XP" = FreePDF XP (Remove only)
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"Gira HS+FS Experte v2.8" = Gira HS+FS Experte v2.8
"GNU Ghostscript 7.05" = GNU Ghostscript 7.05
"GNU Ghostscript Fonts" = GNU Ghostscript Fonts
"HS/FS QuadClient" = QuadClient 1.1 MultiLanguage
"HS_FS Experte 2.3_DE" = HS/FS Experte 2.3.2 MultiLanguage
"HS_FS Experte 2.4_DE" = HS/FS Experte 2.4 
"HS_FS Experte 2.5.100908_DE" = HS/FS Experte 2.5 
"HS_FS Experte 2.7.110928_DE" = HS/FS Experte 2.70
"HS_FS QuadClient 1.2" = QuadClient 1.2 
"HSMonitor" = HSMonitor v1.0.090305 RC
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"IP-Project" = IP-Project
"IREdit" = IREdit
"K1006ETS3_is1" = ETS3 - Tastsensor mit RTR und Display Berker 1v02
"KNX ETS4" = KNX ETS4
"lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"masterCONFIGURATOR" = masterCONFIGURATOR
"mediaControl 2.2.45" = mediaControl 2.2.45
"Medialon Manager 3" = Medialon Manager 3
"Mediaport" = Mediaport
"Mediencenter Software_is1" = Mediencenter Software Version 6.02.15 31.10.08
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MT012ETS3_is1" = ETS3 - MT701 Merten 1v11
"NetLinx Studio 2" = NetLinx Studio
"Nexia" = Nexia
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NPort Administration Suite_is1" = NPort Administration Suite Ver1.12
"NVIDIA Drivers" = NVIDIA Drivers
"OKI LPR Utility" = OKI LPR Utility
"OpenVPN" = OpenVPN 2.1.1
"Power-Project V4.5" = Power-Project V4.5
"Power-Tool" = Power-Tool
"RCD004ETS3_is1" = ETS3 - RCD Jung 3v05
"RealVNC_is1" = VNC Free Edition 4.1.2
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Soundweb" = Soundweb
"Spyware Doctor" = Spyware Doctor 7.0
"Symphony Cable Pro 5.2.3" = Adtec Digital Symphony Cable Pro 5.2.3
"Symphony Professional 5.2.3" = Adtec Digital Symphony Professional 5.2.3
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Totalcmd" = Total Commander (Remove or Repair)
"TPDesign4" = TPDesign4
"Ts2B008ETS3_is1" = ETS3 - Tastsensor 2 plus Gira 2v10
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format Runtime
"Winmail Opener" = Winmail Opener 1.4
"WinRAR archiver" = WinRAR archiver
"WinSwitch3_is1" = WinSwitch
"winusb0200" = Microsoft WinUsb 2.0
"XConsole_v9_is1" = XConsole_v9
"YTdetect" = Yahoo! Detect
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b44603a6177aa624" = Kramer RC Configuration
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:08:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. System.ArgumentOutOfRangeException: Index
 and length must refer to a location within the string.  Parameter name: length     
at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean
 fAlwaysCopy)     at GC_Service.serviceGiraControl.CheckValidSystem()     at GC_Service.serviceGiraControl.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 26.08.2012 09:12:21 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. System.ArgumentOutOfRangeException: Index
 and length must refer to a location within the string.  Parameter name: length     
at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean
 fAlwaysCopy)     at GC_Service.serviceGiraControl.CheckValidSystem()     at GC_Service.serviceGiraControl.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
[ Application Events ]
Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:08:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. System.ArgumentOutOfRangeException: Index
 and length must refer to a location within the string.  Parameter name: length     
at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean
 fAlwaysCopy)     at GC_Service.serviceGiraControl.CheckValidSystem()     at GC_Service.serviceGiraControl.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 26.08.2012 09:12:21 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. System.ArgumentOutOfRangeException: Index
 and length must refer to a location within the string.  Parameter name: length     
at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean
 fAlwaysCopy)     at GC_Service.serviceGiraControl.CheckValidSystem()     at GC_Service.serviceGiraControl.OnStart(String[]
 args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = This Service is only for GiraControl-Machines
 
Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0
Description = Service cannot be started. Das Handle ist ungültig
 
[ System Events ]
Error - 26.08.2012 08:56:47 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:02:05 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:08:43 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:12:24 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:16:32 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:27:39 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet:   %%10048
 
Error - 26.08.2012 09:36:02 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 26.08.2012 09:36:36 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   eusk2par  Fips  intelppm  TfFsMon  TfSysMon
 
Error - 26.08.2012 09:52:16 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 26.08.2012 09:55:29 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "SkypeUpdate"
 mit den Argumenten "/ComService"  gestartet wurde, um den folgenden Server zu verwenden:
{CC957078-B838-47C4-A7CF-626E7A82FC58}
 
 
< End of report >
         
--- --- ---

Geändert von oelli (26.08.2012 um 15:03 Uhr) Grund: Habe OTL.txt/Extras.txt vergessen.

Alt 30.08.2012, 20:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC friert ein mit Piep, aber nur bei Anmeldung - Standard

PC friert ein mit Piep, aber nur bei Anmeldung



Bitte alle Logs von Malwarebytes posten
__________________

__________________

Antwort

Themen zu PC friert ein mit Piep, aber nur bei Anmeldung
32 bit, anmelde, anmelden, anmeldung, application/pdf:, aufgrund, ausführen, bewegt, filezilla, fontcache, friert, friert ein, gemeldet, google earth, helper.exe, jahre, lws.exe, malwarebytes, mauszeiger, melde, melden, meldung, nodrives, pc friert ein, piept, plug-in, remote control, scan, stress, windows, windows internet, zunächst



Ähnliche Themen: PC friert ein mit Piep, aber nur bei Anmeldung


  1. Blackscreen -> Piep-Ton -> BIOS , starke verlangsamung des PC's und ruckeln bei Spielen
    Mülltonne - 29.03.2015 (0)
  2. Windows 7 - nur Schwarzer Bildschirm, Anmeldung blind möglich aber keine Desktop Symbole oder Taskleiste
    Log-Analyse und Auswertung - 06.11.2014 (15)
  3. PC friert nach dem Start ein aber die Maus ist lässt sich noch bewegen
    Alles rund um Windows - 20.10.2014 (21)
  4. PC friert nach Start ein aber die Maus ist lässt sich noch bewegen
    Plagegeister aller Art und deren Bekämpfung - 17.10.2014 (25)
  5. PC friert nach Start ein aber die Maus ist lässt sich noch bewegen
    Alles rund um Windows - 13.10.2014 (1)
  6. Windows 8: Schwarzer Bildschirm bei Anmeldung, aber Cursor sichtbar und Anmeldemaske sichtbar
    Log-Analyse und Auswertung - 17.07.2014 (23)
  7. weißer Bildschirm nach Anmeldung, im abges. Modus sofortiger Neustart nach Anmeldung
    Plagegeister aller Art und deren Bekämpfung - 22.11.2013 (12)
  8. Bildschirm friert ein aber Mauscursor bewegt sich, alles nach Inkassomail-Anhang
    Log-Analyse und Auswertung - 14.08.2013 (17)
  9. PC friert ein - am liebsten beim Firefox, aber auch sonst ganz gern...
    Log-Analyse und Auswertung - 30.07.2013 (5)
  10. Windows hat sich kurz aufgehangen und danach kam ein Piep Ton
    Alles rund um Windows - 02.02.2013 (7)
  11. XP friert manchmal nach der Anmeldung ein
    Alles rund um Windows - 04.06.2012 (8)
  12. Laptop fährt hoch, Bildschirm bleibt schwarz!2 mal piep Ton
    Alles rund um Windows - 29.12.2011 (5)
  13. Beim Starten von Windows XP passiert folgendes --- Anmeldung-Abmeldung-Anmeldung
    Alles rund um Windows - 13.08.2010 (1)
  14. pc piep und geht nicht an!
    Alles rund um Windows - 21.11.2008 (16)
  15. boxen machen immer ein piep geräusch
    Plagegeister aller Art und deren Bekämpfung - 08.08.2008 (16)
  16. Piep Beim Start Von Windows Xp
    Alles rund um Windows - 01.01.2008 (7)
  17. 8 mal piep es !
    Alles rund um Windows - 21.12.2005 (5)

Zum Thema PC friert ein mit Piep, aber nur bei Anmeldung - Hallo, mein PC friert kurz nach dem Anmelden ein; zunächst nimmt Windows keine Tastatur/MAus mehr an, danach piept er kurz und der Mauszeiger bewegt sich nicht mehr. Im nicht angmeldeten - PC friert ein mit Piep, aber nur bei Anmeldung...
Archiv
Du betrachtest: PC friert ein mit Piep, aber nur bei Anmeldung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.