Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Xp startet nicht mehr - cleansweep.exe

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 23.09.2010, 15:05   #1
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Hallo zusammen,

erstmal hoffe ich, das richtige Forum gewäklt zu haben.
Ich habe folgendes Problem:
Gestern wollte ich meinen Pc wie üblich hochfahren und musste feststellen, dass meine internen Laptopmaus nicht mehr funktioniert. Ich habe dann die Synapticstreiber deinstalliert und dann neu aufgespielt, worauf dieses Problem behoben war.
Nun habe ich aber das Problem, dass immer wenn ich den Pc runterfahre kurz bevor er sich ausschaltet (habe Windows XP und es geschieht immer beim Punkt "Einstellungen speichern") die Numlock Taste aktiviert und ich beim nächsten Bootvorgang jedes Mal beim Windows XP Startbildschirm (mit den blauen Balken) hängen bleibe. Ich habe dann mal einen Virenscan durchgeführt und dabei neben einem Haufen anderer Viren und Würmer (ich war die letzte Woche gezwungenermaßen in vielen unsichern, weil nicht kennwortgeschützten W Lan Netzen unterwegs) auch "cleansweep.exe" gefunden. Ich habe dann bei google gesucht und bin auf dieses Forum gestoßen. Habe mir Malwarebytes runtergeladen und einen vollständigen Suchlauf gemacht und dasselbe mit meinem Antiviren Programm Antivir. Geändert hat sich dadurch leider nichts, der cleansweep Ordner ist zwar weg, allerdings hat es sich nun glaube ich in der Registry eingenistet (siehe Hijack Logfile). Komischerweise kann ich so jedes dritte Mal, wenn ich davor komplett die Stromzufuhr unterbreche (auch Akku aus dem Laptop) und im Batteriebetrieb starte, eigentlich ganz normal booten.
Ich hoffe auf eure Hilfe und dass ich das Problem ausreichend genau geschildert habe!
Merci schonmal im Voraus
der nickel
Angehängte Dateien
Dateityp: txt hijackthis 23.09.2010.txt (8,9 KB, 193x aufgerufen)

Alt 23.09.2010, 16:14   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Hallo und

Poste bitte alle Logfiles von Malwarebytes und AntiVir!
__________________

__________________

Alt 23.09.2010, 19:49   #3
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Bitte sehr:
Das erste ist das Antivir Protokoll, weil ich das als erstes erstellt habe.
Das zweite ist das von Malwarebyte...
Hoffe es hilft weiter!
__________________
Angehängte Dateien
Dateityp: txt mbam-log-2010-09-23 (09-08-08).txt (13,2 KB, 195x aufgerufen)
Dateityp: txt Antivir Scan.txt (33,7 KB, 234x aufgerufen)

Alt 23.09.2010, 20:11   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Im Log steht, dass nichts gemacht wurde. hast Du alle Funde mit Malwarebytes entfernt?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.09.2010, 20:18   #5
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Ja ich bin auf alle entfernen gegangen...


Alt 23.09.2010, 20:20   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
--> Xp startet nicht mehr - cleansweep.exe

Alt 23.09.2010, 20:32   #7
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Bitte sehr...OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.09.2010 21:27:51 - Run 2
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Dokumente und Einstellungen\Hammann\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.023,00 Mb Total Physical Memory | 459,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 30,21 Gb Total Space | 4,50 Gb Free Space | 14,89% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 108,83 Gb Total Space | 2,25 Gb Free Space | 2,07% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NOTEBOOK_CH
Current User Name: Hammann
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9420:TCP" = 9420:TCP:*:Enabled:RSP
"38679:TCP" = 38679:TCP:*:Enabled:TCP
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\concept design\onlineTV 3\onlineTV.exe" = C:\Programme\concept design\onlineTV 3\onlineTV.exe:*:Enabled:onlineTV -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe" = C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found
"C:\Programme\CyberLink\PowerCinema\PowerCinema.exe" = C:\Programme\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- (CyberLink Corp.)
"E:\Programme\Age of Empire II\age2_x1 k.exe" = E:\Programme\Age of Empire II\age2_x1 k.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Programme\Emule\emule.exe" = C:\Programme\Emule\emule.exe:*:Enabled:eMule -- File not found
"C:\Programme\LimeWire 4.2.6 Pro\LimeWire.exe" = C:\Programme\LimeWire 4.2.6 Pro\LimeWire.exe:*:Enabled:LimeWire -- (LimeWire, LLC)
"C:\Programme\Azureus\Azureus.exe" = C:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\CuteSoft\NetSkat\Netskat.exe" = C:\Programme\CuteSoft\NetSkat\Netskat.exe:*:Enabled:NetSkat. Exe-Datei -- (CuteSoft, Gerlinde und Michael Fischer)
"C:\Programme\RSSoft\RSEDNClient.exe" = C:\Programme\RSSoft\RSEDNClient.exe:*:Enabled:RSEDNClient -- File not found
"E:\Programme\Commandos 3 - Destination Berlin\Commandos3.exe" = E:\Programme\Commandos 3 - Destination Berlin\Commandos3.exe:*:Enabled:Commandos3 -- ()
"C:\Programme\Mozilla Firefox\plugins\alhlp.exe" = C:\Programme\Mozilla Firefox\plugins\alhlp.exe:*:Enabled:Anti-Leech plugin helper program -- File not found
"C:\Programme\NetPumper\NetPumper.exe" = C:\Programme\NetPumper\NetPumper.exe:*:Enabled:NetPumper download manager -- File not found
"C:\Programme\SFT Loader\leecher.exe" = C:\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader -- File not found
"C:\Downloads\3D Luder\3D Luder\iWeb\iws.exe" = C:\Downloads\3D Luder\3D Luder\iWeb\iws.exe:*:Enabled:.Web -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\FIFA 2005\fifa2005.exe" = C:\Programme\FIFA 2005\fifa2005.exe:*:Enabled:fifa2005 -- File not found
"E:\Programme\Nights of the old Republic 2\swupdate.exe" = E:\Programme\Nights of the old Republic 2\swupdate.exe:*:Enabled:Star Wars: Knights of the Old Republic II: The Sith Lords Update Program -- File not found
"C:\Programme\concept design\onlineTV 3\onlineTV.exe" = C:\Programme\concept design\onlineTV 3\onlineTV.exe:*:Enabled:onlineTV -- File not found
"E:\Programme\Command and Conquer Generäle\game.dat" = E:\Programme\Command and Conquer Generäle\game.dat:*:Enabled:game -- ()
"E:\Programme\Jedi Night- Jedi Academy\GameData\jamp.exe" = E:\Programme\Jedi Night- Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc)
"C:\Programme\PPLive\PPLive.exe" = C:\Programme\PPLive\PPLive.exe:*:Enabled:PPLive -- ()
"C:\Programme\TVAnts\Tvants.exe" = C:\Programme\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) -- File not found
"E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) -- ()
"C:\Programme\PPStream\PPStream.exe" = C:\Programme\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ -- (PPStream Inc.)
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Programme\SopCast\SopCast.exe" = C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Programme\PPMate\ppmate.exe" = C:\Programme\PPMate\ppmate.exe:*:Enabled:PPMate -- ()
"C:\Programme\PPMate\ppmnet.exe" = C:\Programme\PPMate\ppmnet.exe:*:Enabled:PPMate -- File not found
"C:\Dokumente und Einstellungen\Hammann\Eigene Dateien\Abischnitt_2007\PPStream.exe" = C:\Dokumente und Einstellungen\Hammann\Eigene Dateien\Abischnitt_2007\PPStream.exe:*:Enabled:PPStream media stream player -- (PPStream.com)
"C:\Programme\LeechFTP\Leechftp.exe" = C:\Programme\LeechFTP\Leechftp.exe:*:Enabled:LeechFTP -- (jan debis)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Programme\FIFA 2001\FIFA2001.ICD" = E:\Programme\FIFA 2001\FIFA2001.ICD:*:Enabled:FIFA2001 -- ()
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Dokumente und Einstellungen\Hammann\Anwendungsdaten\SopCast\adv\SopAdver.exe" = C:\Dokumente und Einstellungen\Hammann\Anwendungsdaten\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- File not found
"C:\server.exe" = C:\server.exe:*:Disabled:server -- File not found
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Programme\PPStream\PPSAP.exe" = C:\Programme\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷ -- (PPStream Inc)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:enable -- (Microsoft Corporation)
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Programme\Java\jre1.5.0_06\bin\javaw.exe" = C:\Programme\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.5.0_06\bin\java.exe" = C:\Programme\Java\jre1.5.0_06\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"E:\Programme\iTunes\iTunes.exe" = E:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Air Mouse\Air Mouse\Air Mouse.exe" = C:\Programme\Air Mouse\Air Mouse\Air Mouse.exe:*:Enabled:AirMouse -- ()
"C:\Programme\Vuze\Azureus.exe" = C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\SparVoip.de\SparVoip\SparVoip.exe" = C:\Programme\SparVoip.de\SparVoip\SparVoip.exe:*:Enabled:SparVoip -- (SparVoip)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}" = Nokia Software Updater
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}" = eBay Toolbar
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{449801F1-65B0-46F5-B4C5-1EF464EF7214}" = Mobile Mouse Server
"{4727EB39-BB6F-4571-A0B6-AB6331D57665}" = LimeWire
"{4F928B83-3D8E-402B-8480-5C5C3BCE8040}" = OKI B410 Druckermenü-Einrichtungstool
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skispringen 2002
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}" = Fussball Manager 2004
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89B287F1-3E3B-4E13-BB9B-DE7AD9D635E5}" = DaViDeo 3
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3EC8F2C-B71B-4030-BB37-1A04BE8516FC}" = OpenOffice.org 2.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BF4778F9-09D0-416C-8B8F-EF65BF169D52}" = NetSkat
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C640CAE0-8024-11D4-0090-B700902724B3}" = FIFA 2001
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC0FCEDB-11AE-4D88-8633-537292C3E705}" = Commandos 3 - Destination Berlin
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem  (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
"24h-Bildexpress" = 24h-Bildexpress 
"³¬¼¶²¥°Ô" = ³¬¼¶²¥°Ô
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor  (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All Patches inkl" = All Patches inkl
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bink and Smacker" = Bink and Smacker
"bwin Poker_is1" = bwin Poker
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Catan" = Catan - Die erste Insel
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CSCLIB" = Canon Camera Support Core Library
"Digitale Bibliothek 3" = Digitale Bibliothek 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Exifer_is1" = Exifer
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD  (03/19/2007 6.83.31.1)
"FLVPlayer" = FLV Player 1.3.3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"InstallShield_{4727EB39-BB6F-4571-A0B6-AB6331D57665}" = LimeWire
"IrfanView" = IrfanView (remove only)
"Java Media Framework 2.1.1e" = Java Media Framework 2.1.1e
"JDownloader" = JDownloader
"LeechFTP" = LeechFTP 
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP3 Butcher 1.1.99_is1" = MP3 Butcher 1.1.99
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroVision!UninstallKey" = Nero Digital
"NetSkat" = NetSkat
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Notebook Hardware Control" = Notebook Hardware Control 1.10 Beta 03
"NVEContent!UninstallKey" = NeroVision Express Content
"Pacific Poker" = Pacific Poker
"PDF Image Extraction Wizard 3.1_is1" = PDF Image Extraction Wizard 3.1
"PerformanceTest_is1" = PerformanceTest v6.0
"PhotoStitch" = Canon Utilities PhotoStitch
"PPLive" = PPLive 1.3.20
"ppmate" = PPMate Network TV 2.0.0.39
"PPStream" = PPStream
"QuicktimeAlt_is1" = QuickTime Alternative 1.75
"ratDVD" = ratDVD 0.78.1444
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"SimpleScreenshot" = SimpleScreenshot 1.40
"Skispringen 2007_0001" = Skispringen 2007
"Some PDF to Word Converter_is1" = Some PDF to Word Converter 1.5
"SopCast" = SopCast 1.1.2
"SparVoip_is1" = SparVoip
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 4" = TeamViewer 4
"The KMPlayer" = The KMPlayer (remove only)
"TV Player" = Veetle TV Player 0.9.11
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.4.7.2
"Tweak UI 2.10" = Tweak UI
"TweakUI" = Tweak UI 1.33 deutsch
"UltraStar Deluxe" = UltraStar Deluxe
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV Player" = Veetle TV Player 0.9.11
"Verbindungsassistent" = Verbindungsassistent
"VIA Vinyl Audio Codecs Driver Setup Program" = VIA Vinyl Audio Codecs Driver Setup Program
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"Zwei-Stein_is1" = Zwei-Stein Video Compositor 3.01 (Beta 2).
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"InstallShield_{89B287F1-3E3B-4E13-BB9B-DE7AD9D635E5}" = DaViDeo 3
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 21.09.2010 15:05:58 | Computer Name = NOTEBOOK_CH | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msimn.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 21.09.2010 15:06:21 | Computer Name = NOTEBOOK_CH | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msimn.exe, Version 6.0.2900.5512, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 22.09.2010 21:03:06 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 22.09.2010 22:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 22.09.2010 23:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 23.09.2010 00:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 23.09.2010 01:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 23.09.2010 02:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 23.09.2010 03:03:06 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description = 
 
Error - 23.09.2010 07:25:49 | Computer Name = NOTEBOOK_CH | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.
 
[ System Events ]
Error - 19.09.2010 07:19:21 | Computer Name = NOTEBOOK_CH | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort1 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 19.09.2010 07:19:21 | Computer Name = NOTEBOOK_CH | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort1 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 19.09.2010 08:13:31 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.26 für die Netzwerkkarte mit der Netzwerkadresse
 0014A50CF3D1 wurde durch  den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat 
eine DHCPNACK-Meldung gesendet).
 
Error - 19.09.2010 08:19:20 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die  Netzwerkkarte mit der Netzwerkadresse 0014A50CF3D1 zugeteilt werden. Der
 folgende Fehler  ist aufgetreten:   %%1223.  Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom  Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
Error - 20.09.2010 08:14:28 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die  Netzwerkkarte mit der Netzwerkadresse 0014A50CF3D1 zugeteilt werden. Der
 folgende Fehler  ist aufgetreten:   %%1223.  Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom  Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
Error - 23.09.2010 07:25:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst WZCSVC.
 
Error - 23.09.2010 07:25:34 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection.
 
Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection.
 
Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NLA (Network Location Awareness)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%231
 
Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NLA (Network Location Awareness)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%231
 
 
< End of report >
         
--- --- ---

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNetisabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNetisabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9420:TCP" = 9420:TCP:*:Enabled:RSP
"38679:TCP" = 38679:TCP:*:Enabled:TCP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\concept design\onlineTV 3\onlineTV.exe" = C:\Programme\concept design\onlineTV 3\onlineTV.exe:*:EnablednlineTV -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe" = C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- File not found
"C:\Programme\CyberLink\PowerCinema\PowerCinema.exe" = C:\Programme\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- (CyberLink Corp.)
"E:\Programme\Age of Empire II\age2_x1 k.exe" = E:\Programme\Age of Empire II\age2_x1 k.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*isabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Programme\Emule\emule.exe" = C:\Programme\Emule\emule.exe:*:Enabled:eMule -- File not found
"C:\Programme\LimeWire 4.2.6 Pro\LimeWire.exe" = C:\Programme\LimeWire 4.2.6 Pro\LimeWire.exe:*:Enabled:LimeWire -- (LimeWire, LLC)
"C:\Programme\Azureus\Azureus.exe" = C:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\CuteSoft\NetSkat\Netskat.exe" = C:\Programme\CuteSoft\NetSkat\Netskat.exe:*:Enabled:NetSkat. Exe-Datei -- (CuteSoft, Gerlinde und Michael Fischer)
"C:\Programme\RSSoft\RSEDNClient.exe" = C:\Programme\RSSoft\RSEDNClient.exe:*:Enabled:RSEDNClient -- File not found
"E:\Programme\Commandos 3 - Destination Berlin\Commandos3.exe" = E:\Programme\Commandos 3 - Destination Berlin\Commandos3.exe:*:Enabled:Commandos3 -- ()
"C:\Programme\Mozilla Firefox\plugins\alhlp.exe" = C:\Programme\Mozilla Firefox\plugins\alhlp.exe:*:Enabled:Anti-Leech plugin helper program -- File not found
"C:\Programme\NetPumper\NetPumper.exe" = C:\Programme\NetPumper\NetPumper.exe:*:Enabled:NetPumper download manager -- File not found
"C:\Programme\SFT Loader\leecher.exe" = C:\Programme\SFT Loader\leecher.exe:*:Enabled:SFT Loader -- File not found
"C:\Downloads\3D Luder\3D Luder\iWeb\iws.exe" = C:\Downloads\3D Luder\3D Luder\iWeb\iws.exe:*:Enabled:.Web -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\FIFA 2005\fifa2005.exe" = C:\Programme\FIFA 2005\fifa2005.exe:*:Enabled:fifa2005 -- File not found
"E:\Programme\Nights of the old Republic 2\swupdate.exe" = E:\Programme\Nights of the old Republic 2\swupdate.exe:*:Enabled:Star Wars: Knights of the Old Republic II: The Sith Lords Update Program -- File not found
"C:\Programme\concept design\onlineTV 3\onlineTV.exe" = C:\Programme\concept design\onlineTV 3\onlineTV.exe:*:EnablednlineTV -- File not found
"E:\Programme\Command and Conquer Generäle\game.dat" = E:\Programme\Command and Conquer Generäle\game.dat:*:Enabled:game -- ()
"E:\Programme\Jedi Night- Jedi Academy\GameData\jamp.exe" = E:\Programme\Jedi Night- Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer -- (Activision Inc)
"C:\Programme\PPLive\PPLive.exe" = C:\Programme\PPLive\PPLive.exe:*:Enabled:PPLive -- ()
"C:\Programme\TVAnts\Tvants.exe" = C:\Programme\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe" = E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI) -- File not found
"E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe" = E:\Programme\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV) -- ()
"C:\Programme\PPStream\PPStream.exe" = C:\Programme\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ -- (PPStream Inc.)
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"C:\Programme\SopCast\SopCast.exe" = C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Programme\PPMate\ppmate.exe" = C:\Programme\PPMate\ppmate.exe:*:Enabled:PPMate -- ()
"C:\Programme\PPMate\ppmnet.exe" = C:\Programme\PPMate\ppmnet.exe:*:Enabled:PPMate -- File not found
"C:\Dokumente und Einstellungen\Hammann\Eigene Dateien\Abischnitt_2007\PPStream.exe" = C:\Dokumente und Einstellungen\Hammann\Eigene Dateien\Abischnitt_2007\PPStream.exe:*:Enabled:PPStream media stream player -- (PPStream.com)
"C:\Programme\LeechFTP\Leechftp.exe" = C:\Programme\LeechFTP\Leechftp.exe:*:Enabled:LeechFTP -- (jan debis)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"E:\Programme\FIFA 2001\FIFA2001.ICD" = E:\Programme\FIFA 2001\FIFA2001.ICD:*:Enabled:FIFA2001 -- ()
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Dokumente und Einstellungen\Hammann\Anwendungsdaten\SopCast\adv\SopAdver.exe" = C:\Dokumente und Einstellungen\Hammann\Anwendungsdaten\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- File not found
"C:\server.exe" = C:\server.exe:*isabled:server -- File not found
"C:\Programme\TVUPlayer\TVUPlayer.exe" = C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Programme\PPStream\PPSAP.exe" = C:\Programme\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷ -- (PPStream Inc)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:enable -- (Microsoft Corporation)
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Programme\Java\jre1.5.0_06\bin\javaw.exe" = C:\Programme\Java\jre1.5.0_06\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.5.0_06\bin\java.exe" = C:\Programme\Java\jre1.5.0_06\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"E:\Programme\iTunes\iTunes.exe" = E:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Air Mouse\Air Mouse\Air Mouse.exe" = C:\Programme\Air Mouse\Air Mouse\Air Mouse.exe:*:Enabled:AirMouse -- ()
"C:\Programme\Vuze\Azureus.exe" = C:\Programme\Vuze\Azureus.exe:*:Enabled:Azureus -- File not found
"C:\Programme\SparVoip.de\SparVoip\SparVoip.exe" = C:\Programme\SparVoip.de\SparVoip\SparVoip.exe:*:Enabled:SparVoip -- (SparVoip)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"{0819E89D-6214-4B6F-A18D-4633CB4E0E4A}" = Softwareupdate für Webordner
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}" = Nokia Software Updater
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}" = eBay Toolbar
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{449801F1-65B0-46F5-B4C5-1EF464EF7214}" = Mobile Mouse Server
"{4727EB39-BB6F-4571-A0B6-AB6331D57665}" = LimeWire
"{4F928B83-3D8E-402B-8480-5C5C3BCE8040}" = OKI B410 Druckermenü-Einrichtungstool
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{5E4EF02B-4C5F-4B35-AB77-41284456165A}" = Skispringen 2002
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E5BC38E-F22B-4197-00A2-CD8E58EF139C}" = Fussball Manager 2004
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89B287F1-3E3B-4E13-BB9B-DE7AD9D635E5}" = DaViDeo 3
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B3EC8F2C-B71B-4030-BB37-1A04BE8516FC}" = OpenOffice.org 2.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BF4778F9-09D0-416C-8B8F-EF65BF169D52}" = NetSkat
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C640CAE0-8024-11D4-0090-B700902724B3}" = FIFA 2001
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC0FCEDB-11AE-4D88-8633-537292C3E705}" = Commandos 3 - Destination Berlin
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem (11/03/2006 6.82.0.1)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"24h-Bildexpress" = 24h-Bildexpress
"³¬¼¶²¥°Ô" = ³¬¼¶²¥°Ô
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All Patches inkl" = All Patches inkl
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bink and Smacker" = Bink and Smacker
"bwin Poker_is1" = bwin Poker
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Catan" = Catan - Die erste Insel
"CCleaner" = CCleaner (remove only)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CSCLIB" = Canon Camera Support Core Library
"Digitale Bibliothek 3" = Digitale Bibliothek 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Exifer_is1" = Exifer
"F064B256B4A20996EA9E333B5E0F14B61AB3333D" = Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
"FLVPlayer" = FLV Player 1.3.3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer(TM) Generäle
"InstallShield_{4727EB39-BB6F-4571-A0B6-AB6331D57665}" = LimeWire
"IrfanView" = IrfanView (remove only)
"Java Media Framework 2.1.1e" = Java Media Framework 2.1.1e
"JDownloader" = JDownloader
"LeechFTP" = LeechFTP
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP3 Butcher 1.1.99_is1" = MP3 Butcher 1.1.99
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Nero BurnRights!UninstallKey" = Nero BurnRights
"NeroVision!UninstallKey" = Nero Digital
"NetSkat" = NetSkat
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"Notebook Hardware Control" = Notebook Hardware Control 1.10 Beta 03
"NVEContent!UninstallKey" = NeroVision Express Content
"Pacific Poker" = Pacific Poker
"PDF Image Extraction Wizard 3.1_is1" = PDF Image Extraction Wizard 3.1
"PerformanceTest_is1" = PerformanceTest v6.0
"PhotoStitch" = Canon Utilities PhotoStitch
"PPLive" = PPLive 1.3.20
"ppmate" = PPMate Network TV 2.0.0.39
"PPStream" = PPStream
"QuicktimeAlt_is1" = QuickTime Alternative 1.75
"ratDVD" = ratDVD 0.78.1444
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 6.0" = RealPlayer
"Red Alert 2" = Command & Conquer Alarmstufe Rot 2
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"SimpleScreenshot" = SimpleScreenshot 1.40
"Skispringen 2007_0001" = Skispringen 2007
"Some PDF to Word Converter_is1" = Some PDF to Word Converter 1.5
"SopCast" = SopCast 1.1.2
"SparVoip_is1" = SparVoip
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 4" = TeamViewer 4
"The KMPlayer" = The KMPlayer (remove only)
"TV Player" = Veetle TV Player 0.9.11
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.4.7.2
"Tweak UI 2.10" = Tweak UI
"TweakUI" = Tweak UI 1.33 deutsch
"UltraStar Deluxe" = UltraStar Deluxe
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV Player" = Veetle TV Player 0.9.11
"Verbindungsassistent" = Verbindungsassistent
"VIA Vinyl Audio Codecs Driver Setup Program" = VIA Vinyl Audio Codecs Driver Setup Program
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.0.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Yahoo! Messenger" = Yahoo! Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"Zwei-Stein_is1" = Zwei-Stein Video Compositor 3.01 (Beta 2).

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"InstallShield_{89B287F1-3E3B-4E13-BB9B-DE7AD9D635E5}" = DaViDeo 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.09.2010 15:05:58 | Computer Name = NOTEBOOK_CH | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msimn.exe, Version 6.0.2900.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 21.09.2010 15:06:21 | Computer Name = NOTEBOOK_CH | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msimn.exe, Version 6.0.2900.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 22.09.2010 21:03:06 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 22.09.2010 22:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 22.09.2010 23:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 23.09.2010 00:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 23.09.2010 01:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 23.09.2010 02:03:05 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 23.09.2010 03:03:06 | Computer Name = NOTEBOOK_CH | Source = Google Update | ID = 20
Description =

Error - 23.09.2010 07:25:49 | Computer Name = NOTEBOOK_CH | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: The server name or address could not be resolved
.

[ System Events ]
Error - 19.09.2010 07:19:21 | Computer Name = NOTEBOOK_CH | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort1 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 19.09.2010 07:19:21 | Computer Name = NOTEBOOK_CH | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort1 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 19.09.2010 08:13:31 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.0.26 für die Netzwerkkarte mit der Netzwerkadresse
0014A50CF3D1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 19.09.2010 08:19:20 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0014A50CF3D1 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error - 20.09.2010 08:14:28 | Computer Name = NOTEBOOK_CH | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 0014A50CF3D1 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error - 23.09.2010 07:25:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst WZCSVC.

Error - 23.09.2010 07:25:34 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection.

Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection.

Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NLA (Network Location Awareness)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%231

Error - 23.09.2010 07:26:04 | Computer Name = NOTEBOOK_CH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NLA (Network Location Awareness)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%231


< End of report >
Angehängte Dateien
Dateityp: txt OTL.Txt (79,6 KB, 180x aufgerufen)

Alt 23.09.2010, 20:46   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O33 - MountPoints2\{00200d28-8da5-11df-8660-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\Menu.exe -- File not found
O33 - MountPoints2\{23db83f6-0d85-11de-8353-0014a50cf3d1}\Shell - "" = AutoRun
O33 - MountPoints2\{23db83f6-0d85-11de-8353-0014a50cf3d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\Shell\AutoRun\command - "" = dhrhyje.bat
O33 - MountPoints2\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\Shell\open\Command - "" = dhrhyje.bat
O33 - MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\Shell - "" = AutoRun
O33 - MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\Shell - "" = AutoRun
O33 - MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\Shell - "" = AutoRun
O33 - MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\{c68093a2-a697-11de-8476-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\menu.exe -- File not found
O33 - MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\Shell - "" = AutoRun
O33 - MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\Shell\AutoRun\command - "" = I:\pushinst.exe -- File not found
[2010.09.23 21:25:07 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ehqap.sys
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.09.2010, 20:54   #9
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Wenn ich auf Fix gehe kommt:

Es wurde kein Fix vorgesehen... was soll ich machen?

Alt 23.09.2010, 21:08   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Hast Du den kompletten Text unten in die Texbox bei OTL eingetragen?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.09.2010, 21:37   #11
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Was muss ich denn da eintragen? Einfach das Otl. txt File einfügen oder das Extras.txt File?

Alt 23.09.2010, 21:53   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Liest Du meine Postings nicht??
Ich hab doch in einer Codebox gepostet was Du da eintragen sollst!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 23.09.2010, 22:47   #13
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Ohhh sry hatte ich überlesen...
Hier bitte:

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00200d28-8da5-11df-8660-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00200d28-8da5-11df-8660-0014a50cf3d1}\ not found.
File I:\Menu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23db83f6-0d85-11de-8353-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23db83f6-0d85-11de-8353-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{23db83f6-0d85-11de-8353-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23db83f6-0d85-11de-8353-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\ not found.
File dhrhyje.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f6daca4-a7cb-11df-868c-0014a50cf3d1}\ not found.
File dhrhyje.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7c-f889-11de-853a-0014a50cf3d1}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e7f-f889-11de-853a-0014a50cf3d1}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e82-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e82-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{87b12e82-f889-11de-853a-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87b12e82-f889-11de-853a-0014a50cf3d1}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c68093a2-a697-11de-8476-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c68093a2-a697-11de-8476-0014a50cf3d1}\ not found.
File I:\menu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f78a7e98-927b-11de-844b-0014a50cf3d1}\ not found.
File I:\pushinst.exe not found.
C:\WINDOWS\system32\drivers\ehqap.sys moved successfully.

OTL by OldTimer - Version 3.2.14.1 log created on 09232010_234628

Alt 24.09.2010, 08:28   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Ich brauch den Quarantäneordner von OTL. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf da nicht rummurksen!
2.) Ordner C:\_OTL in eine Datei zippen
3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.09.2010, 22:57   #15
nickel
 
Xp startet nicht mehr - cleansweep.exe - Standard

Xp startet nicht mehr - cleansweep.exe



Hey Arne,

sry ich war die letzten Tage unterwegs und konnte somit leider nicht antworten...
Hab den Ordner gezippt und hochgeladen und es kam, dass der Vorgang erfolgreich war.
Ich hoffe es war alles ok, Virenscanner war ausgeschaltet.
Vielen Dank für deine bisherige Hilfe, die Probleme sind bisher allerdings noch unverändert.
MFG
der nickel

Antwort

Themen zu Xp startet nicht mehr - cleansweep.exe
bat, bildschirm, einstellungen, folge, forum, google, hijack, hijack logfile, hängen, ics, lan, logfile, malwarebytes, neu, nicht mehr, ordner, problem, programm, registry, scan, startbildschirm, startet, stromzufuhr, w lan, windows, windows xp



Ähnliche Themen: Xp startet nicht mehr - cleansweep.exe


  1. AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64
    Log-Analyse und Auswertung - 09.12.2014 (23)
  2. Windows7 64Bit: Computer startet nicht mehr, hängt sich bei "Windows wird gestartet" auf und startet neu.
    Log-Analyse und Auswertung - 17.08.2014 (3)
  3. Windows XP startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 22.07.2012 (13)
  4. nach UKASH Trojaner startet windows nicht mehr, kaspersky rescue disc funktioniert nicht
    Log-Analyse und Auswertung - 26.03.2012 (3)
  5. Computer startet nicht mehr, dwlgina3.dll wurde nicht gefunden
    Log-Analyse und Auswertung - 23.02.2012 (29)
  6. Windows startet nicht mehr, Tastatur reagiert nicht
    Alles rund um Windows - 27.07.2011 (15)
  7. System Tool (doch nicht?) entfernt - Google Chrome startet nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 15.03.2011 (16)
  8. Virus cleansweep.exe nicht komplett entfernt?
    Log-Analyse und Auswertung - 13.12.2010 (24)
  9. Avira Antivir startet nicht mehr - Download von Dateien nicht mehr möglich
    Log-Analyse und Auswertung - 06.10.2010 (34)
  10. Windows 7 Task Manager startet nicht mehr - Regedit nicht möglich!
    Log-Analyse und Auswertung - 18.09.2010 (4)
  11. Nod32 zeigt virus an (C:cleansweep.exe/cleansweep.exe) was ist das und wie bekomme ich es weg?
    Plagegeister aller Art und deren Bekämpfung - 20.06.2010 (25)
  12. explorer.exe startet nicht mehr, Windows-Firewall lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 12.02.2010 (7)
  13. IE startet nicht mehr
    Alles rund um Windows - 15.10.2009 (5)
  14. PS 3 Startet nicht mehr!
    Netzwerk und Hardware - 21.09.2009 (1)
  15. win32.keylogger.aa, PC startet nicht mehr, abgesicherter Modus geh nicht...
    Plagegeister aller Art und deren Bekämpfung - 28.08.2008 (1)
  16. PC startet nicht mehr
    Alles rund um Windows - 22.05.2008 (3)
  17. Norton startet nicht mehr und kein Zugriff mehr auf Antiviren-Internetseiten!
    Plagegeister aller Art und deren Bekämpfung - 16.10.2004 (5)

Zum Thema Xp startet nicht mehr - cleansweep.exe - Hallo zusammen, erstmal hoffe ich, das richtige Forum gewäklt zu haben. Ich habe folgendes Problem: Gestern wollte ich meinen Pc wie üblich hochfahren und musste feststellen, dass meine internen Laptopmaus - Xp startet nicht mehr - cleansweep.exe...
Archiv
Du betrachtest: Xp startet nicht mehr - cleansweep.exe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.