|
Log-Analyse und Auswertung: PC friert ein mit Piep, aber nur bei AnmeldungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
26.08.2012, 15:00 | #1 |
| PC friert ein mit Piep, aber nur bei Anmeldung Hallo, mein PC friert kurz nach dem Anmelden ein; zunächst nimmt Windows keine Tastatur/MAus mehr an, danach piept er kurz und der Mauszeiger bewegt sich nicht mehr. Im nicht angmeldeten Zustand gibt es kein problem. Ich habe einen Scan mit OTL vorbereitet, den ich aufgrund des Einfrierens leider nur im angesicherten Zustand ausführen konnte. P.S.: der letzte Scan mit Malwarebytes Pro (vor dem Einfrieren) hat mir FileZilla als Problem gemeldet, das verwende ich aber bereist seit Jahren, ohne daß es Stress gab, insofern vertraue ich dem Programm. Gruss Jens Hier der OTL Log:OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.08.2012 15:52:55 - Run 4 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Dokumente und Einstellungen\JO\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,63% Memory free 5,34 Gb Paging File | 5,11 Gb Available in Paging File | 95,64% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 116,21 Gb Total Space | 78,65 Gb Free Space | 67,68% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 81,46 Gb Free Space | 34,98% Space Free | Partition Type: NTFS Drive T: | 112,51 Gb Total Space | 14,97 Gb Free Space | 13,30% Space Free | Partition Type: NTFS Computer Name: JC-PC-02 | User Name: JO | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\WINDOWS\system32\thomevnp.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (domovea_Service) -- C:\Programme\hager\domovea\Bin\Server\domovea_Service.exe (Hager Controls S.A.S) SRV - (GiraControl) -- C:\Programme\GIRA\GiraControl\GC_Service.exe (Gira) SRV - (nwtsrv) -- C:\Programme\FRITZ!Fernzugang\nwtsrv.exe (AVM Berlin) SRV - (certsrv) -- C:\Programme\FRITZ!Fernzugang\certsrv.exe (AVM Berlin) SRV - (avmike) -- C:\Programme\FRITZ!Fernzugang\avmike.exe (AVM Berlin) SRV - (sdCoreService) -- C:\Programme\Spyware Doctor\pctsSvc.exe (PC Tools) SRV - (sdAuxService) -- C:\Programme\Spyware Doctor\pctsAuxs.exe (PC Tools) SRV - (ThreatFire) -- C:\Programme\Spyware Doctor\TFEngine\TFService.exe (PC Tools) SRV - (FileZilla Server) -- C:\Programme\FileZilla Server\FileZilla server.exe (FileZilla Project) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (SolidWorks Licensing Service) -- C:\Programme\Gemeinsame Dateien\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks) SRV - (SentinelProtectionServer) -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc) SRV - (SentinelKeysServer) -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.) SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () SRV - (WinVNC4) -- C:\Programme\RealVNC\VNC4\winvnc4.exe (RealVNC Ltd.) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (Miramar AppleTalk Print Server) -- C:\Programme\Miramar\PC MACLAN\ATSPOOL.EXE (Miramar Systems Inc.) SRV - (Miramar AppleTalk File Server) -- C:\Programme\Miramar\PC MACLAN\ATSERVER.EXE (Miramar Systems Inc.) SRV - (ATMsg) -- C:\Programme\Miramar\PC MACLAN\ATMSG.EXE (Miramar Systems Inc.) SRV - (RetroLauncher) -- C:\Programme\Dantz\Retrospect\launcher.exe (Dantz Development Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (catchme) -- C:\DOKUME~1\JO\LOKALE~1\Temp\catchme.sys File not found DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.) DRV - (CtrnWinUsbLowerFilter) -- C:\WINDOWS\system32\drivers\CtrnWinUsbLowerFilter.sys (Crestron Electronics Inc.) DRV - (pctplsg) -- C:\WINDOWS\system32\drivers\pctplsg.sys (PC Tools) DRV - (RsFx0150) -- C:\WINDOWS\system32\drivers\RsFx0150.sys (Microsoft Corporation) DRV - (NWIM) -- C:\WINDOWS\system32\drivers\avmnwim.sys (AVM Berlin) DRV - (PCTCore) -- C:\WINDOWS\system32\drivers\PCTCore.sys (PC Tools) DRV - (pctgntdi) -- C:\WINDOWS\system32\drivers\pctgntdi.sys (PC Tools) DRV - (TfSysMon) -- C:\WINDOWS\system32\drivers\TfSysMon.sys (PC Tools) DRV - (TfFsMon) -- C:\WINDOWS\system32\drivers\TfFsMon.sys (PC Tools) DRV - (TfNetMon) -- C:\WINDOWS\system32\drivers\TfNetMon.sys (PC Tools) DRV - (tap0901) -- C:\WINDOWS\system32\drivers\tap0901.sys (The OpenVPN Project) DRV - (WIBUKEY) -- C:\WINDOWS\system32\drivers\WibuKey.sys (WIBU-SYSTEMS AG) DRV - (eusk3usb) -- C:\WINDOWS\system32\drivers\eusk3usb.sys (Eutron) DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys () DRV - (npdrv) -- C:\WINDOWS\system32\drivers\npdrv.sys (Moxa Inc. ) DRV - (Wibukey2) -- C:\WINDOWS\system32\drivers\Wibukey2.sys (WIBU-SYSTEMS AG) DRV - (Haspnt) -- C:\WINDOWS\system32\drivers\Haspnt.sys (Aladdin Knowledge Systems) DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation) DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.) DRV - (PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.) DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.) DRV - (skeyusb) -- C:\WINDOWS\system32\drivers\skeyusb.sys (Aladdin Knowledge Systems Ltd.) DRV - (eusk2par) -- C:\WINDOWS\system32\drivers\eusk2par.sys (Aladdin Knowledge Systems Ltd.) DRV - (thomedav) -- C:\WINDOWS\system32\drivers\thomedav.sys () DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (Sentinel) -- C:\WINDOWS\system32\drivers\sentinel.sys (SafeNet, Inc.) DRV - (monfilt) -- C:\WINDOWS\system32\drivers\monfilt.sys (Creative Technology Ltd.) DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.) DRV - (SNTNLUSB) -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS (SafeNet, Inc.) DRV - (NHCIMONO_L) -- C:\WINDOWS\system32\drivers\nhcimonoL.sys (Lantronix) DRV - (Hardlock) -- C:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.) DRV - (aksusb) -- C:\WINDOWS\system32\drivers\aksusb.sys (Aladdin Knowledge Systems Ltd.) DRV - (akshasp) -- C:\WINDOWS\system32\drivers\akshasp.sys (Aladdin Knowledge Systems Ltd.) DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys () DRV - (atfsd) -- C:\WINDOWS\system32\drivers\ATFSD.SYS (Miramar Systems Inc.) DRV - (atalk) -- C:\WINDOWS\system32\drivers\ATALK.SYS (Miramar Systems Inc.) DRV - (Pei16Wdm) -- C:\WINDOWS\system32\drivers\Pei16Wdm.sys (EIBA s.c.) DRV - (Pei10Wdm) -- C:\WINDOWS\system32\drivers\Pei10Wdm.sys (EIBA s.c.) DRV - (ElgTaDrv) -- C:\WINDOWS\system32\drivers\ElgTaDrv.sys (elmeg Kommunikationstechnik) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.07.23 13:46:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.05.30 15:18:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.06.18 08:14:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2012.05.30 15:18:51 | 000,000,000 | ---D | M] [2010.01.05 12:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Extensions [2010.01.05 12:08:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.05.03 17:49:17 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Firefox\Profiles\ilqxafgf.default\extensions [2010.05.03 15:02:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mozilla\Firefox\Profiles\ilqxafgf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.11.11 04:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.03.07 16:20:51 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.23 13:46:41 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2008.01.16 02:28:50 | 000,155,648 | ---- | M] (Solidworks Corporation) -- C:\Programme\mozilla firefox\plugins\npEModelPlugin.dll [2009.07.09 09:00:33 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Programme\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2012.06.07 10:38:47 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.06.07 10:38:47 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.06.07 10:38:47 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.06.07 10:38:47 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.07 10:38:47 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.07 10:38:47 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.19 08:32:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\Toolbar\ShellBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Programme\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [FileZilla Server Interface] C:\Programme\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Miramar Systems, Inc.] C:\Programme\Miramar\PC MACLAN\ATMSG.EXE (Miramar Systems Inc.) O4 - HKLM..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe (Nokia Mobile Phones) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Lantronix UBox USB Device Server Task.lnk = C:\Programme\Lantronix\UBox\nhciTaskL.exe (Lantronix) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\OKI LPR Utility.lnk = C:\Programme\Okidata\OKI LPR Utility\okilpr.exe (Oki Data Corporation) O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Dokumente und Einstellungen\JO\Startmenü\Programme\Autostart\STRATO HiDrive.lnk = C:\Programme\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Programme\Gemeinsame Dateien\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O15 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..Trusted Ranges: Range1 ([*] in Trusted sites) O15 - HKU\S-1-5-21-682003330-362288127-1801674531-1003\..Trusted Ranges: Range1 ([http] in Trusted sites) O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class) O16 - DPF: {15A7CF10-CB3E-4265-8779-9FD22619E8ED} hxxp://192.168.0.101/XPanel.cab (XPanel Class) O16 - DPF: {673204A0-F8B3-4090-8506-80658C5D02C6} hxxp://192.168.0.101/nwcv3setup.exe (WebVideoCtrl Class) O16 - DPF: {6F83F815-49D0-46BB-A81C-A9D18C33A0E7} hxxp://192.168.0.201/cab/Dibos80.CAB (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {F184A6DA-2B5A-4507-8555-C05C5C5C9A9B} https://knapp-wfer.dyndns.org:7777/itcclient.cab (ITCClient Control) O16 - DPF: {F74959B0-1779-472E-BE6E-3023E1DBEC73} hxxp://192.168.0.101/XInit.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50A9C4EB-F707-4899-8AE5-E053B5600E5D}: DhcpNameServer = 192.168.0.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50A9C4EB-F707-4899-8AE5-E053B5600E5D}: NameServer = 192.168.0.3,192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.08.26 15:36:34 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe [2011.03.05 19:58:55 | 000,540,672 | ---- | C] (www.hsinfoman.de) -- C:\Programme\c-move.exe ========== Files - Modified Within 30 Days ========== [2012.08.26 15:55:31 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.08.26 15:52:17 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\JO\Desktop\OTL.exe [2012.08.26 15:42:44 | 047,519,955 | ---- | M] ( ) -- C:\Dokumente und Einstellungen\JO\Desktop\setup_9.0.0.722_26.08.2012_12-35.exe [2012.08.26 15:38:57 | 000,640,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.08.26 15:38:57 | 000,605,538 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.08.26 15:38:57 | 000,151,514 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.08.26 15:38:57 | 000,128,720 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.08.26 15:36:16 | 000,001,333 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\T.lnk [2012.08.26 15:35:44 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.08.26 15:34:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.08.26 15:28:57 | 000,186,500 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.08.26 15:28:53 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.08.26 14:54:01 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.08.24 18:24:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.24 17:38:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.08.24 15:34:46 | 000,004,174 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker Stückliste.pdf [2012.08.24 15:34:41 | 000,005,520 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker partslist.bsl [2012.08.24 11:26:20 | 000,004,161 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2012.08.24 09:55:26 | 000,001,630 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini [2012.08.18 08:05:03 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.08.15 18:38:17 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.08.15 18:38:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.08.15 18:38:15 | 009,826,504 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012.08.13 15:21:11 | 000,707,418 | ---- | M] () -- C:\WINDOWS\unins000.exe [2012.08.13 15:21:11 | 000,004,606 | ---- | M] () -- C:\WINDOWS\unins000.dat [2012.08.09 11:40:50 | 000,019,901 | ---- | M] () -- C:\Dokumente und Einstellungen\JO\Desktop\Paketschein.pdf ========== Files Created - No Company Name ========== [2012.08.26 15:37:58 | 047,519,955 | ---- | C] ( ) -- C:\Dokumente und Einstellungen\JO\Desktop\setup_9.0.0.722_26.08.2012_12-35.exe [2012.08.24 15:26:26 | 000,004,174 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker Stückliste.pdf [2012.08.24 15:09:29 | 000,005,520 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Desktop\Berker partslist.bsl [2012.07.11 18:10:51 | 000,142,016 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.07.09 17:50:57 | 000,000,210 | ---- | C] () -- C:\WINDOWS\{D9C15833-DBC0-418C-B27E-921E2534F834}_WiseFW.ini [2012.06.04 09:52:41 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini [2012.03.12 19:20:21 | 000,000,128 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc [2012.02.16 03:58:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.02.13 18:17:45 | 000,000,092 | ---- | C] () -- C:\WINDOWS\BJE_RC20PlugIn.INI [2012.02.13 15:21:26 | 000,000,024 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Mediaport.conf [2011.06.28 11:15:43 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2011.06.28 11:13:12 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011.03.16 09:24:43 | 000,707,418 | ---- | C] () -- C:\WINDOWS\unins001.exe [2011.03.16 09:24:43 | 000,002,960 | ---- | C] () -- C:\WINDOWS\unins001.dat [2011.03.05 19:58:56 | 000,374,857 | ---- | C] () -- C:\Programme\c-move_F.chm [2011.03.05 19:58:55 | 000,416,473 | ---- | C] () -- C:\Programme\c-move.chm [2011.02.23 16:07:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2011.02.08 14:23:42 | 000,659,824 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-682003330-362288127-1801674531-1003-0.dat [2011.02.08 14:23:41 | 000,140,446 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2010.10.19 08:28:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010.10.19 08:28:11 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010.10.19 08:28:11 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010.10.19 08:28:11 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010.10.19 08:28:11 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010.09.30 10:40:46 | 000,707,418 | ---- | C] () -- C:\WINDOWS\unins000.exe [2010.09.30 10:40:46 | 000,004,606 | ---- | C] () -- C:\WINDOWS\unins000.dat [2010.09.21 10:28:07 | 000,040,544 | ---- | C] () -- C:\WINDOWS\System32\CtrnDCls2.dll [2010.09.09 11:57:18 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\ADAMTCP.dll [2010.09.09 11:57:17 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\adv5ktcp.dll [2010.03.05 12:14:13 | 000,000,135 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009.12.02 15:19:26 | 000,014,848 | ---- | C] () -- C:\Dokumente und Einstellungen\JO\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010.06.04 11:13:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3rd Eye Solutions [2010.11.01 14:01:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVM [2011.09.23 10:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Crestron [2009.08.12 07:38:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elka Shared [2012.04.10 10:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2010.06.24 09:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GAEB-Viewer [2012.06.21 10:06:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gira [2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GKsrv [2012.01.24 13:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch [2012.06.15 08:26:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KNX [2010.03.08 13:42:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Medialon [2009.11.30 10:32:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MediaMatrix [2012.07.09 17:51:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Power-Tool [2012.08.26 15:27:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2011.09.23 13:19:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2011.04.28 11:25:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Centra [2012.07.11 13:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Crestron [2012.08.26 15:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox [2009.11.20 12:34:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\EIBA sc [2012.04.10 10:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\elsterformular [2009.06.16 10:56:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Foxit [2012.08.24 10:10:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Foxit Software [2012.01.24 13:49:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\FRITZ! [2012.01.24 13:47:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\FRITZ!fax für FRITZ!Box [2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\GAEB-Viewer [2012.06.21 10:06:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Gira [2009.11.24 13:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\GKsrv [2012.03.12 19:14:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\hager [2012.02.07 18:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\HS+FS Experte 2.7 [2012.06.25 15:56:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\IPP2 [2011.08.18 11:39:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Leadertech [2012.06.07 08:39:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Mobotix [2009.06.18 08:46:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\OpenOffice.org [2012.03.20 09:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Saba [2011.04.20 18:10:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\STRATO [2012.04.13 13:35:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\TeamViewer [2010.01.05 12:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Thunderbird [2010.01.21 15:01:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\JO\Anwendungsdaten\TPDesign4 ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 164 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8 < End of report > Hier die OTL-Extras.txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 26.08.2012 15:52:55 - Run 4 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Dokumente und Einstellungen\JO\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,63% Memory free 5,34 Gb Paging File | 5,11 Gb Available in Paging File | 95,64% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 116,21 Gb Total Space | 78,65 Gb Free Space | 67,68% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 81,46 Gb Free Space | 34,98% Space Free | Partition Type: NTFS Drive T: | 112,51 Gb Total Space | 14,97 Gb Free Space | 13,30% Space Free | Partition Type: NTFS Computer Name: JC-PC-02 | User Name: JO | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "548:TCP" = 548:TCP:*:Disabled:Apple Share IP "548:UDP" = 548:UDP:*:Disabled:Apple Share IP "5800:TCP" = 5800:TCP:*:Enabled:VNC "5900:TCP" = 5900:TCP:*:Enabled:VNC "10010:TCP" = 10010:TCP:*:Enabled:UBOX "10010:UDP" = 10010:UDP:*:Enabled:UBOX "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "5031:TCP" = 5031:TCP:*:Enabled:FritzFax "5031:UDP" = 5031:UDP:*:Enabled:FritzFax "4504:TCP" = 4504:TCP:*:Enabled:domovea for VPN "4505:TCP" = 4505:TCP:*:Enabled:domovea for ICE "2899:TCP" = 2899:TCP:*:Enabled:domovea for webserver "2900:TCP" = 2900:TCP:*:Enabled:domovea for UPnP discovery ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Programme\NPortAdminSuite\bin\npadmer.exe" = C:\Programme\NPortAdminSuite\bin\npadmer.exe:*:Enabled:npadmer -- () "C:\Programme\Claris Corp\FileMaker Pro 4.0\FileMaker Pro.exe" = C:\Programme\Claris Corp\FileMaker Pro 4.0\FileMaker Pro.exe:*:Enabled:FileMaker Pro -- (Claris Corporation) "C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe" = C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Enabled:Sentinel Protection Server -- (SafeNet, Inc) "C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe" = C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe:*:Enabled:Sentinel Keys Server -- (SafeNet, Inc.) "C:\Programme\Aston\WinSwitch3\WSEDITOR.exe" = C:\Programme\Aston\WinSwitch3\WSEDITOR.exe:*:Enabled:WinSwitch Editor -- (ASTON GmbH) "C:\Programme\Aston\WinSwitch3\WSKERNEL.exe" = C:\Programme\Aston\WinSwitch3\WSKERNEL.exe:*:Enabled:Classic Runtime / Professional Server -- (ASTON GmbH) "C:\Programme\EIB-Programme\Power-Tool\ToolBApp.exe" = C:\Programme\EIB-Programme\Power-Tool\ToolBApp.exe:*:Enabled:ToolBApp.exe -- (Busch-Jaeger Elektro GmbH) "C:\Programme\IPP\ipp.bin" = C:\Programme\IPP\ipp.bin:*:Enabled:ipp -- () "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\Ets\EtsNg.exe" = C:\Programme\Ets\EtsNg.exe:*:Enabled:ETS3 Professional -- (KNX Association) "C:\Programme\Gemeinsame Dateien\EIBA sc\Falcon\Falcon.exe" = C:\Programme\Gemeinsame Dateien\EIBA sc\Falcon\Falcon.exe:*:Enabled:Falcon -- (KNX Association) "C:\Programme\MediaMatrix\NWare 1.5.0\pandad.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\pandad.exe:*:Enabled:pandad -- () "C:\Programme\MediaMatrix\NWare 1.5.0\NWare.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\NWare.exe:*:Enabled:NWare Application -- (Peavey Electronics) "C:\Programme\MediaMatrix\NWare 1.5.0\pion_emulator.exe" = C:\Programme\MediaMatrix\NWare 1.5.0\pion_emulator.exe:*:Disabled:pion_emulator -- () "C:\Programme\GIRA\HS+FS\exp232\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp232\DE\hilfe.exe:*:Enabled:hilfe -- () "C:\Programme\Nexia\Nexia.exe" = C:\Programme\Nexia\Nexia.exe:*:Enabled:Nexia System Software Executable -- (Biamp Systems) "C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.) "C:\Programme\GIRA\HS+FS\exp232\DE\experte.exe" = C:\Programme\GIRA\HS+FS\exp232\DE\experte.exe:*:Enabled:experte -- () "C:\Programme\Medialon Manager 3\MedialonManager.exe" = C:\Programme\Medialon Manager 3\MedialonManager.exe:*:Enabled:Show & Media Control Software -- (Medialon) "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\OpenVPN\bin\openvpn.exe" = C:\Programme\OpenVPN\bin\openvpn.exe:*:Enabled:openvpn -- () "C:\Programme\GIRA\HS+FS\exp240\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp240\DE\hilfe.exe:*:Enabled:hilfe -- () "C:\Programme\Dataton\WATCHOUT 4\WATCHMAKER.exe" = C:\Programme\Dataton\WATCHOUT 4\WATCHMAKER.exe:*:Enabled:WATCHOUT Production Software -- (Dataton AB) "C:\Programme\Medialon\Medialon Manager 5\MXM\AppRemote.exe" = C:\Programme\Medialon\Medialon Manager 5\MXM\AppRemote.exe:*:Enabled:Medialon XObject Module -- (Medialon) "C:\Programme\Dataton\WATCHOUT 4\WATCHPOINT.EXE" = C:\Programme\Dataton\WATCHOUT 4\WATCHPOINT.EXE:*:Enabled:WATCHOUT Display Software -- (Dataton AB) "C:\Programme\Medialon\Medialon Manager 5\MedialonManager.exe" = C:\Programme\Medialon\Medialon Manager 5\MedialonManager.exe:*:Enabled:Medialon Manager 5.5.2 -- (Medialon) "C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "D:\Installer\EIB\Hersteller\Gira\Homeserver\c-move.exe" = D:\Installer\EIB\Hersteller\Gira\Homeserver\c-move.exe:*:Enabled:c-move "C:\Programme\ETS4\ETS4.exe" = C:\Programme\ETS4\ETS4.exe:*:Enabled:ETS4 -- (KNX Association cvba) "C:\Programme\GIRA\HS+FS\exp250\DE\hilfe.exe" = C:\Programme\GIRA\HS+FS\exp250\DE\hilfe.exe:*:Enabled:hilfe -- () "C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Programme\STRATO AG\STRATO HiDrive\openVPN\openvpn.exe" = C:\Programme\STRATO AG\STRATO HiDrive\openVPN\openvpn.exe:*:Enabled:openvpn -- () "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation) "C:\Programme\Gemeinsame Dateien\EIBA sc\Eagle\SybaseRT8\Win32\rteng8.exe" = C:\Programme\Gemeinsame Dateien\EIBA sc\Eagle\SybaseRT8\Win32\rteng8.exe:*:Disabled:Adaptive Server Anywhere Network Server -- (iAnywhere Solutions, Inc.) "D:\11-200 CN HAW Finkenau\CRESTRON Projekt\CN\TPMC-8X_01_XPanel.xexe\bin\Xpanel.exe" = D:\11-200 CN HAW Finkenau\CRESTRON Projekt\CN\TPMC-8X_01_XPanel.xexe\bin\Xpanel.exe:*:Enabled:e-control 2 Module "C:\Programme\GIRA\c-move.exe" = C:\Programme\GIRA\c-move.exe:*:Enabled:c-move -- (www.hsinfoman.de) "C:\Programme\Harman Pro\London Architect\Main.exe" = C:\Programme\Harman Pro\London Architect\Main.exe:*:Enabled:HiQnet London Architect -- (BSS Audio) "C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Programme\c-move.exe" = C:\Programme\c-move.exe:*:Enabled:c-move -- (www.hsinfoman.de) "C:\Programme\Crestron\VMK-WIN\VmkWinTray.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinTray.exe:*:Enabled:Crestron VMK-WIN Tray "C:\Programme\Crestron\VMK-WIN\VmkWinHelper.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinHelper.exe:*:Enabled:Crestron VMK-WIN Helper "C:\Programme\Crestron\VMK-WIN\VmkWinAppHelper.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinAppHelper.exe:*:Enabled:Crestron VMK-WIN Application Helper "C:\Programme\Crestron\VMK-WIN\VmkWinApp.exe" = C:\Programme\Crestron\VMK-WIN\VmkWinApp.exe:*:Enabled:Crestron VMK-WIN Application "C:\Programme\Bose\ControlSpace 2.200\bin\CSDesigner.exe" = C:\Programme\Bose\ControlSpace 2.200\bin\CSDesigner.exe:*:Enabled:ControlSpace Designer ver2.200 -- (Bose Corporation) "C:\Programme\Bose\ControlSpace 2.200\bin\CSupdate.exe" = C:\Programme\Bose\ControlSpace 2.200\bin\CSupdate.exe:*:Enabled:ControlSpace Designer Firmware Update v2.200 -- (AuBit, Ltd. (JAPAN)) "C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\JO\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000000-0000-0000-0000-000000000000}" = KNX eteC Falcon Runtime v1.7 "{00060000-0000-1004-8002-0000C06B5161}" = WibuKey Setup (WibuKey Remove) "{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009 "{0573BDB1-CD8C-4591-BA90-DFCAD8F8C5AE}_is1" = Crestron Engraver v5.04.020.01 "{08A7C6C5-394F-4335-B32F-28C938704D2F}" = Lantronix UBox USB Device Server "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{15D6691B-73D3-41C7-87AF-CF685FE84D99}_is1" = MxEasy 1.5.1 "{1B52BC01-2F6E-4FAE-BB09-1F28D2BF1D63}_is1" = Crestron Toolbox 2.33.051.55 "{1B90A851-50F3-4040-B28B-07FAC963D50D}" = IT Tools For ETS3 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{20E9498A-B525-479B-8668-CCB91AB7F9C6}" = domovea Server "{262D707F-6978-476D-8EFE-6A72AF32236C}" = PC MACLAN "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26 "{28B38A2B-05F0-45C9-BB93-3A419492D43C}" = Raum- / Controlpanel Software V1.3 "{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2C303EE0-A595-3543-A71A-931C7AC40EDE}" = Microsoft Primary Interoperability Assemblies 2005 "{2CD48761-FFED-4D34-8087-222CA36C5575}" = EIBA OPC Export v1.2 "{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver "{2FF43F5D-5729-4E02-A548-310E30A5F29B}" = Microsoft CAPICOM 2.1.0.2 SDK "{335424A2-2C4E-49F3-A066-58635269DB83}" = Sentinel Protection Installer 7.4.2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35695AD9-F477-478E-948F-1BAD4C986F21}" = IP-Project Macros für ETS "{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E00C574-B650-401D-A898-4581AAD6CC74}" = STRATO HiDrive "{4151A975-4546-45E5-92AD-F9AF3F68D24A}" = BJE Logic Time Plugin "{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter "{4509D9E5-57F8-45B0-9091-4676D709FD7A}" = Microsoft SQL Server Native Client "{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer "{48B30FAA-0262-4F96-9C4F-0B8C2E781C91}" = EIBA ETS PEI Driver Update v1.4 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client "{4C223826-2448-425F-9746-02395DD8450D}" = NWare 1.5.0 "{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared "{4E021ED8-0141-40AC-88B7-99B92FB5FCE3}" = ShredIt for Windows "{53585E8B-4E7F-4135-B3C2-EF06337E8448}" = Medialon Manager 5 "{5448C223-8C56-41C2-A292-65DE01556B6B}" = WATCHOUT 4 "{55C28EF3-2EA3-46AB-B1E7-54B96C5A6921}" = Viewport v3.110 "{572880F8-A845-48E1-97B8-3800E9155B18}" = ETS3 Professional "{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services "{5A3343F2-006E-4524-9654-CD4136F9A3C4}" = b+b EIBTools / FIAVis "{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}" = AVM FRITZ!Fernzugang "{60570530-B40D-40EC-8472-E13DA9050135}" = D-Nav Controls "{6686F38D-1A32-4A8C-94D7-A2AA9C5F3C9B}_is1" = Crestron Device Database44.06.001.00 "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{7005C601-B415-4D77-B2ED-FF40E3DACDED}" = DEAL for Windows "{71B06E52-A152-43DE-B414-C2DD22D81A25}" = Crestron MasterInstaller "{7273A166-3420-4372-AE91-A450216823DB}" = Developer Tools for UPnP Technologies "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English) "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79555FF3-33D2-4DE2-89D3-5AA98D387070}" = London Architect "{795A5DA8-D442-42B4-887F-8DCBC7D4AFA7}" = TP-Visu "{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver "{82E6FC8A-535B-4852-A0EE-38AA7E0E8573}" = ControlSpace Designer ver2.200 "{857DA860-472D-483E-AC6E-B9D7DDCDB0BA}" = Microsoft Expression Design 3 "{85E064EA-4092-4E0C-871F-61594123E06F}" = EIBA iETS Client v1.3 "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{892AAFA1-CBEE-419C-905D-BA2B728BB32A}" = GIRA TS3plus Plugin 1.0.0.0 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime "{8B508184-4E86-41C9-BCFF-EF8B1C7EF2BF}_is1" = Crestron SIMPL Window 3.11.15.00 "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{91853E08-7EF3-4C87-8D49-C6F9DBC4FE5A}" = GiraControl "{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9543BDC2-B910-4ED8-AD92-B8B92040245D}" = KNX eteC Falcon Runtime v2.1 "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B42A6A6-035B-43FC-A7AC-C99F1D084384}" = SIMPL Windows v2.12 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8 "{9E52ACC4-ABB4-41A1-9D99-1229F0E3C0C2}_is1" = Crestron Database 33.01.004.01 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9F2E6BA-6756-4D8D-808E-671F4862EF2B}" = KNX ETS4 "{AA3983BF-9B72-484E-972A-E47BBAFA9CCA}" = VisionTools Pro-e v4.0 "{AE7D0D42-842F-11D4-B1F0-0050DA8095DF}" = Retrospect 5.15 "{b17ff919-2d84-4f2a-94d1-4c5254d8924f}" = KNX eteC Falcon Runtime v2.0 "{B4FD7198-3B0D-4A2B-AF76-DA4BA70E9D8B}" = EIBA iETS Telegram Recorder Client v1.3 "{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B88DD411-AD46-4F89-A54F-575B0AA667C3}" = GAEB-Viewer "{B9681EB8-76E5-4022-AE84-F6B7CE464554}" = KNX ETS4 Additional Runtime "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C885A1B2-184E-4C57-8C2B-78B250E1EFCA}" = Touchpanel Graphics v1.00 "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD23CF22-1DA2-4351-B6C4-B1A2859C68AC}" = eDrawings 2008 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files "{D9C15833-DBC0-418C-B27E-921E2534F834}" = Power-Tool "{DE3F165D-D00A-ws-008-ETS3}_is1" = ETS3 - Wetterstation 2v06 Gira "{DE3F165D-D00A-ws-012-ETS3}_is1" = ETS3 - Wetterstation 2v03 Merten "{E11AC1A7-2F59-4911-90ED-E0B55D2101D6}" = Berker TS RTR Plugin 0.0.1.0 "{E304E05B-A86B-4B3C-BB57-9D0197442B09}" = Nokia PC Suite 4.81 "{E74BC26C-A114-4AE0-990E-BBFBB9F592A4}_is1" = Crestron VisionTools Pro-e 5.0.38.02 "{EA6DF39D-500E-4C3B-8B38-8675A798DB13}" = Text Overlay 2.0 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared "{F074C96B-CBD0-4614-B4DA-E7A5B81CB721}" = Power-Project V4.5 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1028A20-AE8B-44CE-BBAA-155F66952FE7}" = Network Camera View3 "{F109A292-33BA-4A96-9C9F-1739AE72EB62}" = WIN-Tools - elmeg WIN-Tools V5.44 "{F15D925E-9E7E-4F8D-8F5F-803B6EF23A58}" = KNX eteC Falcon Runtime v1.7 "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FB97A745-D1E6-435D-B942-264E94F89938}" = SIMPL+ Cross Compiler "{FB99852D-8340-4B3E-8051-3229879586C5}" = KNXTP1-IEC61131Controller-IpRouter "{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ADAM-5000TCP-6000 Utility Ver 2.36" = ADAM-5000TCP-6000 Utility Ver 2.36 "ADAM-5000TCP-6000 Utility Ver 2.37" = ADAM-5000TCP-6000 Utility Ver 2.37 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53 "AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts "AjaxVisu (Gira)" = AjaxVisu v2.2.090902 "Ask Toolbar_is1" = Foxit Toolbar "Audia" = Audia "Az008ETS3_is1" = ETS3 - Alarmzentrale Gira 1v06 "Biq006ETS3_is1" = ETS3 - B.IQ-Display Berker 1v08 "Browser Defender_is1" = Browser Defender 2.0.6.15 "CCleaner" = CCleaner "CentraClient" = Centra Client "Clean Disk Security" = Clean Disk Security 7.81 "c-move" = c-move 3.9.0.43 "ct008ETS3_is1" = ETS3 - InfoTerminal Touch Gira 1v01 "CtIp006ETS3_is1" = ETS3 - Master Control Berker 1v03 "CtIp008ETS3_is1" = ETS3 - InfoTerminal Touch 2072xx Gira 1v03 "D49FBD114E4911AD03D99ED034ADA88310A1915A" = Windows-Treiberpaket - Crestron Electronics Inc. (WinUSB) Crestron (11/09/2010 3.0.0.0) "DALIMonitor25" = DALI Monitor "Design_6.0.1739.0" = Microsoft Expression Design 3 "DesignGenerator" = DesignGenerator v1.100721 RC "DjVu" = LizardTech DjVu Control (autoinstall) "ELKACOMM&135E&0145" = ELKA CP210x USB Device 0145 (Driver Removal) "ElsterFormular 13.1.1.8531u" = ElsterFormular "ETS2 V1.3" = ETS2 V1.3 "ETS3 Professional" = ETS3 Professional "FileASSASSIN" = FileASSASSIN "FileMaker Pro 4.0" = FileMaker Pro 4.0 "FileZilla" = FileZilla (remove only) "FileZilla Server" = FileZilla Server (remove only) "Foxit Reader_is1" = Foxit Reader "FreePDF_XP" = FreePDF XP (Remove only) "FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box "Gira HS+FS Experte v2.8" = Gira HS+FS Experte v2.8 "GNU Ghostscript 7.05" = GNU Ghostscript 7.05 "GNU Ghostscript Fonts" = GNU Ghostscript Fonts "HS/FS QuadClient" = QuadClient 1.1 MultiLanguage "HS_FS Experte 2.3_DE" = HS/FS Experte 2.3.2 MultiLanguage "HS_FS Experte 2.4_DE" = HS/FS Experte 2.4 "HS_FS Experte 2.5.100908_DE" = HS/FS Experte 2.5 "HS_FS Experte 2.7.110928_DE" = HS/FS Experte 2.70 "HS_FS QuadClient 1.2" = QuadClient 1.2 "HSMonitor" = HSMonitor v1.0.090305 RC "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "IP-Project" = IP-Project "IREdit" = IREdit "K1006ETS3_is1" = ETS3 - Tastsensor mit RTR und Display Berker 1v02 "KNX ETS4" = KNX ETS4 "lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "masterCONFIGURATOR" = masterCONFIGURATOR "mediaControl 2.2.45" = mediaControl 2.2.45 "Medialon Manager 3" = Medialon Manager 3 "Mediaport" = Mediaport "Mediencenter Software_is1" = Mediencenter Software Version 6.02.15 31.10.08 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MT012ETS3_is1" = ETS3 - MT701 Merten 1v11 "NetLinx Studio 2" = NetLinx Studio "Nexia" = Nexia "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NPort Administration Suite_is1" = NPort Administration Suite Ver1.12 "NVIDIA Drivers" = NVIDIA Drivers "OKI LPR Utility" = OKI LPR Utility "OpenVPN" = OpenVPN 2.1.1 "Power-Project V4.5" = Power-Project V4.5 "Power-Tool" = Power-Tool "RCD004ETS3_is1" = ETS3 - RCD Jung 3v05 "RealVNC_is1" = VNC Free Edition 4.1.2 "Redirection Port Monitor" = RedMon - Redirection Port Monitor "Soundweb" = Soundweb "Spyware Doctor" = Spyware Doctor 7.0 "Symphony Cable Pro 5.2.3" = Adtec Digital Symphony Cable Pro 5.2.3 "Symphony Professional 5.2.3" = Adtec Digital Symphony Professional 5.2.3 "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "TeamViewer 7" = TeamViewer 7 "Totalcmd" = Total Commander (Remove or Repair) "TPDesign4" = TPDesign4 "Ts2B008ETS3_is1" = ETS3 - Tastsensor 2 plus Gira 2v10 "VLC media player" = VideoLAN VLC media player 0.8.6c "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format Runtime "Winmail Opener" = Winmail Opener 1.4 "WinRAR archiver" = WinRAR archiver "WinSwitch3_is1" = WinSwitch "winusb0200" = Microsoft WinUsb 2.0 "XConsole_v9_is1" = XConsole_v9 "YTdetect" = Yahoo! Detect ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-682003330-362288127-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "b44603a6177aa624" = Kramer RC Configuration "Dropbox" = Dropbox ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:08:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. System.ArgumentOutOfRangeException: Index and length must refer to a location within the string. Parameter name: length at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean fAlwaysCopy) at GC_Service.serviceGiraControl.CheckValidSystem() at GC_Service.serviceGiraControl.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26.08.2012 09:12:21 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. System.ArgumentOutOfRangeException: Index and length must refer to a location within the string. Parameter name: length at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean fAlwaysCopy) at GC_Service.serviceGiraControl.CheckValidSystem() at GC_Service.serviceGiraControl.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig [ Application Events ] Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 08:56:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:01:59 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:08:41 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. System.ArgumentOutOfRangeException: Index and length must refer to a location within the string. Parameter name: length at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean fAlwaysCopy) at GC_Service.serviceGiraControl.CheckValidSystem() at GC_Service.serviceGiraControl.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26.08.2012 09:12:21 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. System.ArgumentOutOfRangeException: Index and length must refer to a location within the string. Parameter name: length at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean fAlwaysCopy) at GC_Service.serviceGiraControl.CheckValidSystem() at GC_Service.serviceGiraControl.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:16:26 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = This Service is only for GiraControl-Machines Error - 26.08.2012 09:27:33 | Computer Name = JC-PC-02 | Source = Service1 | ID = 0 Description = Service cannot be started. Das Handle ist ungültig [ System Events ] Error - 26.08.2012 08:56:47 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:02:05 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:08:43 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:12:24 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:16:32 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:27:39 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "IPSEC-Dienste" wurde mit folgendem Fehler beendet: %%10048 Error - 26.08.2012 09:36:02 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 26.08.2012 09:36:36 | Computer Name = JC-PC-02 | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: eusk2par Fips intelppm TfFsMon TfSysMon Error - 26.08.2012 09:52:16 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 26.08.2012 09:55:29 | Computer Name = JC-PC-02 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "SkypeUpdate" mit den Argumenten "/ComService" gestartet wurde, um den folgenden Server zu verwenden: {CC957078-B838-47C4-A7CF-626E7A82FC58} < End of report > Geändert von oelli (26.08.2012 um 15:03 Uhr) Grund: Habe OTL.txt/Extras.txt vergessen. |
30.08.2012, 20:34 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC friert ein mit Piep, aber nur bei Anmeldung Bitte alle Logs von Malwarebytes posten
__________________
__________________ |
Themen zu PC friert ein mit Piep, aber nur bei Anmeldung |
32 bit, anmelde, anmelden, anmeldung, application/pdf:, aufgrund, ausführen, bewegt, filezilla, fontcache, friert, friert ein, gemeldet, google earth, helper.exe, jahre, lws.exe, malwarebytes, mauszeiger, melde, melden, meldung, nodrives, pc friert ein, piept, plug-in, remote control, scan, stress, total commander, windows, windows internet, zunächst |