| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC ist stundenlang vollkommen blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.07.2013, 01:56
| #1 |
 |  PC ist stundenlang vollkommen blockiert Hallo zusammen! Ich fürchte, ich habe mir auf meinem Rechner irgendetwas eingefangen. Die Symptome äußern sich wie folgt: - PC ist erst todeslangsam (egal ob im Internet, bei allen Office-Programmen oder welche Programme auch immer genutzt werden) - ich erhalte inzwischen bei fast jedem Versuch online zu gehen die Meldung "OH NEIN"... Seite konnte nicht geöffnet werden. Wenn ich dann zig mal auf "neu laden" gehe, habe ich vereinzelt Glück und es klappt doch, meistens aber nicht - wenn das passiert ist, ist der Rechner oft stundenlang komplett blockiert Es sieht aus, als würde er arbeiten, aber auch nach Stunden hat sich absolut rein gar nichts verändert - ich kann dann nur noch den PC per Ausschalter runterfahren und neu starten, dann geht das Ganze meist einfach von vorne los Log-Files hab ich schon erstellt, mal sehen, wie ich die Log-Texte hier als "Archiv" einfügen kann... ich suche diese Möglichkeit noch. Es wäre spitze, wenn mir jemand helfen könnte, das Problem zu erkennen und zu beheben. Vielen lieben Dank schon mal vorab. Liebe Grüße Claudia Hier der erste Log-file: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:17 on 28/07/2013 (clk)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter OTL logfile created on: 28.07.2013 22:19:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\clk\Desktop\Trojaner-Files Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,42 Mb Total Physical Memory | 247,95 Mb Available Physical Memory | 24,23% Memory free 2,41 Gb Paging File | 1,67 Gb Available in Paging File | 69,56% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,33 Gb Total Space | 19,13 Gb Free Space | 25,74% Space Free | Partition Type: NTFS Computer Name: CK | User Name: clk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2013.07.28 22:12:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\clk\Desktop\Trojaner-Files\OTL.exe PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2013.04.27 00:24:42 | 000,423,144 | ---- | M] (BillP Studios) -- C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe PRC - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe PRC - [2013.04.18 15:56:14 | 000,659,992 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe PRC - [2013.04.18 15:56:10 | 000,563,224 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi_tray.exe PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\HelperService.exe PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe PRC - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeecoms.exe PRC - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe PRC - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe PRC - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe PRC - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe PRC - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe ========== Modules (No Company Name) ========== MOD - [2013.07.28 20:07:59 | 002,089,472 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\13072801\algo.dll MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\pdf.dll MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll MOD - [2012.12.10 03:46:38 | 000,600,868 | ---- | M] () -- C:\Programme\BillP Studios\WinPatrol\sqlite3.dll MOD - [2012.03.11 14:55:40 | 000,088,656 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2011.06.22 12:46:12 | 000,434,016 | ---- | M] () -- C:\Programme\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll MOD - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe MOD - [2009.12.12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2009.11.04 09:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeedrpp.dll MOD - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe MOD - [2009.02.26 14:46:56 | 000,064,344 | ---- | M] () -- C:\Programme\Microsoft Office\Office12\ADDINS\ColleagueImport.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2004.07.20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.07.19 12:41:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.04.18 15:56:22 | 001,227,800 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent) SRV - [2013.04.18 15:56:14 | 000,659,992 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Programme\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () [Auto | Running] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService) SRV - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeecoms.exe -- (lxee_device) SRV - [2010.01.07 16:20:23 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe -- (lxeeCATSCustConnectService) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe -- (DeviceManager) SRV - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) SRV - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.06.28 12:45:08 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.06.28 12:45:08 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.06.28 12:45:08 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2013.04.18 15:55:52 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys -- (PSI) DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2012.06.27 10:37:56 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2012.06.27 10:37:56 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) DRV - [2012.06.27 10:37:56 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2011.08.01 15:57:30 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d) DRV - [2010.11.22 14:25:54 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010.11.22 14:24:53 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010.11.22 14:24:53 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2009.11.04 13:09:32 | 000,763,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UDXTTM6010.sys -- (UDXTTM6010) DRV - [2009.11.04 13:09:32 | 000,023,104 | ---- | M] (DTV-DVB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Cinergy_Hybrid-Stick_HID.sys -- (TTHID) DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009.07.24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo) DRV - [2009.06.19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2009.05.25 11:18:02 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser) DRV - [2008.07.24 12:03:56 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005.07.04 15:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd) DRV - [2005.06.27 18:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid) DRV - [2005.05.30 18:28:38 | 000,008,576 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec) DRV - [2005.05.10 17:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005.04.15 07:14:58 | 001,130,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005.04.13 00:30:12 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005.03.31 02:18:40 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2005.03.30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte) DRV - [2005.03.02 08:45:24 | 000,004,864 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2004.12.21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2004.10.29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) DRV - [2004.10.04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2003.01.29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{E649DC79-BD07-46CD-85E1-6D561DA45348}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: plugin%40getwebcake.com:1.00.01 FF - prefs.js..extensions.enabledAddons: lrcfan%40fansoft.br:1.114 FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.18 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: wrc@avast.com:8.0.1489 FF - prefs.js..extensions.enabledItems: lrcfan@fansoft.br:1.114 FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13 FF - prefs.js..extensions.enabledItems: plugin@getwebcake.com:1.00.01 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Programme\PDF Architect\FFPDFArchitectExt [2013.02.05 01:26:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2013.06.02 22:01:33 | 000,000,000 | ---D | M] [2013.06.04 13:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions [2012.05.28 21:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions\ideskbrowser@haufe.de [2013.07.16 10:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions [2013.06.10 19:18:00 | 000,000,000 | ---D | M] (Flashblock) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013.06.10 18:58:45 | 000,000,000 | ---D | M] (Ghostery) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\firefox@ghostery.com [2013.06.10 19:18:12 | 000,000,000 | ---D | M] (Print pages to PDF) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\printPages2Pdf@reinhold.ripper [2013.07.16 10:39:57 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\speedanalysis02@SpeedAnalysis.com [2013.06.10 18:56:15 | 000,455,379 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2013.06.10 18:54:13 | 000,870,680 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Firefox\Profiles\apdoscfg.default-1370883116226\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.06.08 00:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.01.15 10:36:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.02.18 21:59:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010.10.14 20:01:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll [2009.03.24 12:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\28.0.1500.72\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: WOT = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\ CHR - Extension: Speed Analysis 2 = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.3\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\ CHR - Extension: WOT = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\ CHR - Extension: Speed Analysis 2 = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.3\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\ O1 HOSTS File: ([2013.05.29 23:58:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O2 - BHO: (Speed Analysis 2) - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Programme\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com) O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH) O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKCU..\Run: [WinPatrol] C:\Programme\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE8F664F-9C4B-483B-A8DB-622FC4AD8803}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.08.17 14:44:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.07.28 22:19:07 | 000,000,000 | ---D | C] -- C:\557ab8b84762801839c9077f34a5 [2013.07.28 22:17:29 | 000,000,000 | ---D | C] -- C:\aa70a937a159644a0b37c9 [2013.07.28 22:13:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Desktop\Trojaner-Files [2013.07.28 22:12:17 | 000,000,000 | ---D | C] -- C:\0f92f21a9f6100ea0934f7f9b8891bfb [2013.07.28 22:09:53 | 000,000,000 | ---D | C] -- C:\aa845be1534bc5b9fd09b9 [2013.07.28 20:59:31 | 000,000,000 | ---D | C] -- C:\Programme\LyriXeeker [2013.07.28 20:59:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DigitalSite [2013.07.26 16:12:17 | 000,000,000 | ---D | C] -- C:\3307fe90f4cc23c12e9e5876 [2013.07.16 10:39:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\SpeedAnalysis2 [2013.07.16 10:39:38 | 000,000,000 | ---D | C] -- C:\Programme\Speed Analysis 2 [2013.07.16 10:39:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\File Scout [2013.07.15 22:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT [2013.07.14 23:26:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Dropbox [2013.07.13 01:00:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Eigene Dateien\My Received Files [2013.07.13 00:59:50 | 000,000,000 | ---D | C] -- C:\Programme\Lphant Applications [2013.07.13 00:44:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\vlc [2013.07.13 00:43:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN [2013.07.13 00:41:11 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN [2013.07.13 00:31:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DSite [2013.07.13 00:31:20 | 000,000,000 | ---D | C] -- C:\Programme\VideoConverter [2013.06.28 23:47:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\CutePDF Writer [2013.06.28 23:45:56 | 000,000,000 | ---D | C] -- C:\Programme\GPLGS [2013.06.28 23:45:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CutePDF [2013.06.28 23:44:37 | 000,000,000 | ---D | C] -- C:\Programme\Acro Software [2013.06.28 23:44:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\APN [2012.06.15 22:11:23 | 000,894,448 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u5.exe ========== Files - Modified Within 30 Days ========== [2013.07.28 22:20:10 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.07.28 22:11:53 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable [2013.07.28 22:09:21 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.07.28 22:04:07 | 000,000,350 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2013.07.28 22:01:14 | 000,001,202 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007UA.job [2013.07.28 21:28:07 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.07.28 21:27:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.07.28 21:27:47 | 1073,201,152 | -HS- | M] () -- C:\hiberfil.sys [2013.07.28 20:59:29 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2013.07.28 20:33:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.07.28 00:23:34 | 000,001,150 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007Core.job [2013.07.22 22:45:18 | 007,142,244 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Jeder Hund kann gehorchen lernen - Schluss mit der Leckerchen-Lü.epub [2013.07.21 15:54:30 | 000,000,115 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Facebook.url [2013.07.19 12:41:07 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013.07.19 12:41:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013.07.16 10:43:53 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\pdfperformer [2013.07.16 10:42:48 | 000,000,437 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Dateien von CK.lnk [2013.07.16 10:27:22 | 004,041,561 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Hundekekse selber backen - die 50 besten Rezepte.epub [2013.07.15 02:00:01 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CK-clk.job [2013.07.14 20:17:50 | 000,131,996 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\IMG_0067.MOV [2013.07.14 20:17:24 | 000,008,704 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.07.12 10:01:15 | 003,622,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.07.12 09:40:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013.07.09 11:20:37 | 180,339,818 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Merlin_Fly#FC18.mov ========== Files Created - No Company Name ========== [2013.07.28 22:11:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable [2013.07.28 20:59:27 | 000,000,414 | ---- | C] () -- C:\WINDOWS\tasks\At1.job [2013.07.22 22:45:17 | 007,142,244 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Jeder Hund kann gehorchen lernen - Schluss mit der Leckerchen-Lü.epub [2013.07.21 15:54:17 | 000,000,115 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Facebook.url [2013.07.16 10:46:27 | 004,041,561 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Hundekekse selber backen - die 50 besten Rezepte.epub [2013.07.16 10:43:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\pdfperformer [2013.07.16 10:42:48 | 000,000,437 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Dateien von CK.lnk [2013.07.15 14:54:33 | 180,339,818 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Merlin_Fly#FC18.mov [2013.07.14 20:17:50 | 000,131,996 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\IMG_0067.MOV [2013.06.28 23:44:54 | 000,088,656 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2013.06.28 12:45:12 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum [2013.06.28 12:45:11 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2013.06.28 12:45:09 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum [2013.06.02 22:04:15 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013.06.02 22:04:14 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2013.03.11 14:25:04 | 000,002,482 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin [2012.11.27 22:49:46 | 000,774,826 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2044978897-1172690549-42215457-1007-0.dat [2012.11.27 22:49:31 | 000,275,386 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.10.29 13:09:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012.10.29 13:09:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012.10.29 13:09:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012.10.29 13:09:28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012.10.29 13:09:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012.02.15 14:43:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.08.28 22:05:55 | 000,001,474 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\CountdownProPrefs.cdp [2011.08.28 21:57:18 | 000,123,172 | ---- | C] () -- C:\Programme\countdown.sis [2010.12.31 14:38:46 | 000,036,072 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\mdbu.bin [2010.01.16 15:55:23 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt [2010.01.14 14:04:33 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.14 14:04:33 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2005.08.17 14:51:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Files - Unicode (All) ========== (C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft ??) -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft 鼠标 ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34 < End of report > Code:
ATTFilter OTL Extras logfile created on: 28.07.2013 22:19:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\clk\Desktop\Trojaner-Files
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,42 Mb Total Physical Memory | 247,95 Mb Available Physical Memory | 24,23% Memory free
2,41 Gb Paging File | 1,67 Gb Available in Paging File | 69,56% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,33 Gb Total Space | 19,13 Gb Free Space | 25,74% Space Free | Partition Type: NTFS
Computer Name: CK | User Name: clk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Dokumente und Einstellungen\clk\Anwendungsdaten\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Lphant Applications\Lphant\Lphant.exe" = C:\Programme\Lphant Applications\Lphant\Lphant.exe:*:Enabled:Lphant
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeCam.exe" = C:\Programme\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeEnC2.exe" = C:\Programme\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Programme\Microsoft LifeCam\LifeTray.exe" = C:\Programme\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Classic -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Classic (tvtv Setup) -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Classic (Auto Update) -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe:*:Enabled:TerraTec Home Cinema Classic (Setup) -- (TerraTec Electronic GmbH)
"C:\Programme\TerraTec\TerraTec Home Cinema\TTDvrServer.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\TTDvrServer.exe:*:Enabled:NOXON Home Server -- (TerraTec Electronic GmbH)
"C:\WINDOWS\system32\lxeecoms.exe" = C:\WINDOWS\system32\lxeecoms.exe:*:Enabled:Pro700 Series Server -- ( )
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox\sbtb_install.exe" = C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox\sbtb_install.exe:*:Enabled:Smilebox Installer -- ()
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programme\Lphant Applications\Lphant\Lphant.exe" = C:\Programme\Lphant Applications\Lphant\Lphant.exe:*:Enabled:Lphant
"C:\Dokumente und Einstellungen\clk\Eigene Dateien\Downloads\UPDFSetup.exe" = C:\Dokumente und Einstellungen\clk\Eigene Dateien\Downloads\UPDFSetup.exe:*:Enabled:UPDFSetup.exe (in) -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{122879BD-2614-4AAB-9988-13C0719843D4}" = QuickSteuer 2012 COMPUTERBILD Edition
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{26d7e6f7-ec35-414f-9a3f-110a055af0dc}" = Nero BackItUp 4
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB6332B-AF02-457C-A31C-835458C5B48B}" = TOSHIBA Benutzerhandbücher
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD-Speicherkarten-Formatierung
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB7A109-FDB5-45E3-9DB9-ECB2EA7B80EE}" = WinPatrol
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = TIxx21/x515
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{995A7F95-907E-4C25-8A2A-39CDCB7EC69C}" = Nero BackItUp
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{a3f81d11-fb74-4433-8df4-143df715746d}" = Nero 9
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB5C4115-57A5-4B30-B103-3DDF65FB5034}" = Nero BackItUp
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C61B2B59-75D2-4203-B589-E0102C3A6F32}" = QuickSteuer Wissens-Center 2012
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DEE03A90-C723-4E3D-A661-86651D6F0668}" = QuickSteuer Deluxe 2010
"{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}" = QuickSteuer 2011
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"0D1EC8C098410CAFE85D1071184DB179AA0C5B30" = Windows-Treiberpaket - Intel USB (10/05/2012 9.1.9.1002)
"2DA959FE3D6F0F5BC313481E72071D510DD786FB" = Windows-Treiberpaket - Intel (w29n51) net (12/19/2007 9.0.4.39)
"43BC439F70814058C8C4D8445214560BA562954E" = Windows-Treiberpaket - Intel System (10/05/2012 9.1.9.1002)
"5394CDFA2BDA136A47E0AD3B0649491E4BF0775C" = Windows-Treiberpaket - Intel System (10/05/2012 9.1.9.1002)
"64A4C14F7BE3030FF4E9D0D18265D36EA120B146" = Windows-Treiberpaket - Intel hdc (10/05/2012 9.1.9.1002)
"7B31B8054391F9C7EF590728F991F590BB07F0D7" = Windows-Treiberpaket - Texas Instruments Inc (tifm21) MTD (05/25/2009 2.0.0.10)
"99384DC7A73D4A1912DFD6CEF0D996D685137527" = Windows-Treiberpaket - Intel hdc (10/05/2012 9.1.9.1002)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Cinergy Hybrid Stick" = Cinergy Hybrid Stick V1.00.08.06a
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CutePDF Writer Installation" = CutePDF Writer 3.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"HSPA USB MODEM ALCATEL_is1" = HSPA USB MODEM
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = Texas Instruments PCIxx21/x515 drivers.
"IrfanView" = IrfanView (remove only)
"Lexmark Pro700 Series" = Lexmark Pro700 Series
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Secunia PSI" = Secunia PSI (3.0.0.7009)
"Speed Analysis 2" = Speed Analysis 2
"SpywareBlaster_is1" = SpywareBlaster 5.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Verbindungsassistent" = Verbindungsassistent
"VLC media player" = VLC media player 2.0.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DigitalSite" = Update for Zip Opener
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.07.2013 16:02:48 | Computer Name = CK | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2832411,
P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 28.07.2013 16:03:45 | Computer Name = CK | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2844285,
P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 28.07.2013 16:09:41 | Computer Name = CK | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2840628, P2 10.0.30319, P3 10.0.30319.1009,
P4 1, P5 ndp40-kb2840628.msp, P6 install_i_silent_error, P7 1601, P8 0, P9 , P10
NIL.
Error - 28.07.2013 16:12:12 | Computer Name = CK | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2656351, P2 10.0.30319, P3 10.0.30319.272,
P4 1, P5 ndp40-kb2656351.msp, P6 install_i_silent_error, P7 1601, P8 0, P9 , P10
NIL.
Error - 28.07.2013 16:14:43 | Computer Name = CK | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2832407, P2 10.0.30319, P3 10.0.30319.1005,
P4 1, P5 ndp40-kb2832407.msp, P6 install_i_silent_error, P7 1601, P8 0, P9 , P10
NIL.
Error - 28.07.2013 16:16:26 | Computer Name = CK | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2833940,
P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 28.07.2013 16:17:21 | Computer Name = CK | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2487367, P2 10.0.30319, P3 10.0.30319.236,
P4 1, P5 ndp40-kb2487367.msp, P6 install_i_silent_error, P7 1601, P8 0, P9 , P10
NIL.
Error - 28.07.2013 16:17:55 | Computer Name = CK | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb2840629,
P2 1031, P3 1601, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 28.07.2013 16:18:42 | Computer Name = CK | Source = NativeWrapper | ID = 5000
Description =
Error - 28.07.2013 16:22:15 | Computer Name = CK | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2835393, P2 10.0.30319, P3 10.0.30319.1008,
P4 1, P5 ndp40-kb2835393.msp, P6 install_i_silent_error, P7 1601, P8 0, P9 , P10
NIL.
[ OSession Events ]
Error - 27.05.2013 15:57:22 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38895
seconds with 1560 seconds of active time. This session ended with a crash.
Error - 06.06.2013 14:27:48 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1421
seconds with 180 seconds of active time. This session ended with a crash.
Error - 13.06.2013 17:52:47 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 130
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.06.2013 15:44:24 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1961
seconds with 300 seconds of active time. This session ended with a crash.
Error - 19.06.2013 04:54:58 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 535
seconds with 0 seconds of active time. This session ended with a crash.
Error - 19.06.2013 17:58:09 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 495
seconds with 60 seconds of active time. This session ended with a crash.
Error - 21.06.2013 06:44:40 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 173
seconds with 120 seconds of active time. This session ended with a crash.
Error - 03.07.2013 17:03:10 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24975
seconds with 420 seconds of active time. This session ended with a crash.
Error - 06.07.2013 17:07:56 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4440
seconds with 60 seconds of active time. This session ended with a crash.
Error - 16.07.2013 15:14:20 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 24555
seconds with 600 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 28.07.2013 16:52:41 | Computer Name = CK | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error - 28.07.2013 16:53:59 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:55:12 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:55:57 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:56:49 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:57:03 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:57:06 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:57:13 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:57:17 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 28.07.2013 16:58:02 | Computer Name = CK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
[ TuneUp Events ]
Error - 02.10.2011 12:44:17 | Computer Name = CK | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
< End of report >
|
| Themen zu PC ist stundenlang vollkommen blockiert |
| adobe reader xi, alcatel, arbeiten, archiv, blockiert, einfügen, erkennen, erstellt, filescout.exe, hallo zusammen, install.exe, internet, komplett, meldung, msiexec.exe, neu, office-programme, online, plug-in, problem, pup.optional.solimba, pup.optional.sweetim, pup.optional.tarma.a, pup.optional.webcake.a, pup.webcake, pup.webcake.a, rootkit.boot.sinowal.b, runterfahren, secunia psi, starten, suche, zusammen |
Baum-Darstellung