zu Schritt 1: Habe Spybot-S&D deinstalliert
zu Schritt2: Hier der Inhalt der Textdatei Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{60C5A84E-1F35-4724-9C09-6478B09E06EC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60C5A84E-1F35-4724-9C09-6478B09E06EC}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: "hxxp://www.gmx.net/" removed from browser.startup.homepage
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: wtxpcom@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gru2ni4s.default\searchplugins\daemon-search.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59c8477d-be45-11de-b554-001f1626bbb4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59c8477d-be45-11de-b554-001f1626bbb4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59c8477d-be45-11de-b554-001f1626bbb4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59c8477d-be45-11de-b554-001f1626bbb4}\ not found.
File F:\AutoPlay.exe -c not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\Google Software Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
ADS C:\ProgramData\TEMP:A5B56640 deleted successfully.
========== FILES ========== < ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\****\Desktop\cmd.bat deleted successfully.
C:\Users\****\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: ****
->Temp folder emptied: 113533 bytes
->Temporary Internet Files folder emptied: 108099419 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 97685638 bytes
->Flash cache emptied: 816 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36214324 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 231.00 mb
OTL by OldTimer - Version 3.2.43.1 log created on 05252012_190959
Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP0000000243152B513414E9D0 not found!
Registry entries deleted on Reboot... Schritt 3: Habe Adobe Reader über ... ... "Nach Update suchen..." aktualisiert.
Schritt 5: CCleaner-aktion durchgeführt
Schritt 6: Die Menüführung bei "SUPERAntiSpyware FREE Edition" ist etwas anders als in deiner Beschreibung, hoffe aber, dass folgende Log-Datei richtig ist: Code:
Core Rules Database Version : 8647
Trace Rules Database Version: 6459
Scan type : Complete Scan
Total Scan Time : 01:48:28
Operating System Information
Windows 7 Enterprise 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator
Memory items scanned : 721
Memory threats detected : 0
Registry items scanned : 38737
Registry threats detected : 0
File items scanned : 77886
File threats detected : 29
Trojan.Dropper/Win-NV
C:\WINDOWS.OLD\PROGRAM FILES\MIKTEX 2.7\MIKTEX\BIN\NTS.EXE
Adware.Tracking Cookie
C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\****@ATDMT[2].TXT [ /ATDMT ]
C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\****@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\****@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.tradedoubler.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
ad.zanox.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.answerstv.112.2o7.net [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\WINDOWS.OLD\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VEMQE6LH.DEFAULT\COOKIES.SQLITE ] Super!:daumenhoc Es geht voran!
Führe jetzt Schritt 7 durch und dazu noch eine Frage: Gilt mein iPhone auch als externer Speicher, der gescannt werden muss?:confused: Würde das Handy im Nachhinein nochmal dranhängen.
zu Schritt 7: Wurde durchgeführt.
Schritt 8 ergab folgende Log-Datei: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3bc0815f8aafb24c8db7129c7d3160a7
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-25 11:44:05
# local_time=2012-05-26 01:44:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 6240424 6240424 0 0
# compatibility_mode=5893 16776573 100 94 23425 89607330 0 0
# compatibility_mode=8192 67108863 100 0 134 134 0 0
# scanned=440975
# found=0
# cleaned=0
# scan_time=13306 Schritt 8: Brachte folgendes Ergebnis:
OTL-txt Code:
OTL logfile created on: 26.05.2012 01:52:31 - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\****\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.97 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 54.42% Memory free
5.93 Gb Paging File | 4.63 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 433.53 Gb Total Space | 237.67 Gb Free Space | 54.82% Space Free | Partition Type: NTFS
Drive D: | 32.22 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive F: | 55.89 Gb Total Space | 15.68 Gb Free Space | 28.05% Space Free | Partition Type: NTFS
Drive G: | 991.22 Mb Total Space | 248.81 Mb Free Space | 25.10% Space Free | Partition Type: FAT
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.05.23 16:15:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
PRC - [2012.05.08 19:54:24 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 19:54:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 19:54:24 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 19:54:24 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.02.10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.02.10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.29 02:35:56 | 000,450,660 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2009.07.29 02:35:56 | 000,217,178 | ---- | M] (IDT, Inc.) -- c:\Programme\IDT\WDM\stacsv.exe
PRC - [2009.06.19 14:25:02 | 000,765,952 | ---- | M] (Sentelic Corporation) -- C:\Programme\FSP\FspUip.exe
PRC - [2009.02.11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.02.11 18:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2001.11.12 15:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.06.18 16:03:34 | 000,053,248 | ---- | M] () -- C:\Programme\FSP\KbdHook.dll
MOD - [2009.06.17 17:17:58 | 000,073,728 | ---- | M] () -- C:\Programme\FSP\FspLib.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.05.08 19:54:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 19:54:24 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.07 06:09:51 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.02.09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.04 16:37:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.29 02:35:56 | 000,217,178 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Programme\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.03.26 13:06:24 | 000,292,864 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 15:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012.05.08 19:54:24 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 19:54:24 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.02.10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.01.17 14:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.12.02 10:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.01 12:14:37 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.29 02:35:56 | 000,407,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.07.27 10:41:14 | 000,508,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.07.14 00:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.06.17 17:17:28 | 000,041,984 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fspad_wlh32.sys -- (fspad_wlh32)
DRV - [2009.03.12 16:11:12 | 000,113,504 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008.10.28 16:48:24 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2007.02.22 10:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 10:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 10:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.11.17 12:31:02 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2004.08.01 08:09:24 | 000,055,936 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2004.08.01 08:09:24 | 000,044,928 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\ousbehci.sys -- (ousbehci)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 F5 0D DA 4A 52 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.net/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.07 06:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.25 19:24:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.10.19 05:24:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011.06.26 21:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2011.06.26 21:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.05.22 18:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\gru2ni4s.default\extensions
[2011.09.03 22:27:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\gru2ni4s.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.20 21:03:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.22 18:44:16 | 000,524,264 | ---- | M] () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GRU2NI4S.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012.01.06 01:32:28 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GRU2NI4S.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.05.07 06:09:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.09 20:50:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rz.uni-wuerzburg.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CE6203B-5EAE-442A-BFE0-1164246FDBDD}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4EDC1F5-810B-44E4-93E6-1A4C4FB5E97A}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.05.25 19:34:20 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\SUPERAntiSpyware.com
[2012.05.25 19:33:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.05.25 19:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.05.25 19:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.05.25 19:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.05.25 19:23:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.05.25 19:09:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.05.24 16:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.05.23 16:15:54 | 003,654,896 | ---- | C] (Piriform Ltd) -- C:\Users\****\Desktop\ccsetup318.exe
[2012.05.23 16:15:08 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.05.22 18:48:06 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\****\Desktop\dds.com
[2012.05.21 18:37:14 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes
[2012.05.21 18:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.21 18:37:06 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.05.21 18:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.21 18:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.05.17 11:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.05.17 11:48:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.05.17 11:47:58 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.05.17 11:47:58 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.05.17 11:47:45 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.05.17 11:47:45 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.05.10 19:06:34 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.05.10 19:06:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.05.10 19:06:34 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.05.10 19:05:38 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.05.07 06:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.07 06:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
========== Files - Modified Within 30 Days ==========
[2012.05.25 21:52:02 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.05.25 21:52:02 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.25 21:52:02 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.05.25 21:52:02 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.25 21:37:57 | 000,019,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.25 21:37:57 | 000,019,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.25 21:30:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.25 21:30:16 | 2388,291,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.25 19:33:04 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.25 19:24:46 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.05.24 16:44:08 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.23 16:16:02 | 003,654,896 | ---- | M] (Piriform Ltd) -- C:\Users\****\Desktop\ccsetup318.exe
[2012.05.23 16:15:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.05.22 20:05:47 | 000,002,916 | ---- | M] () -- C:\Users\****\Desktop\Attach.zip
[2012.05.22 19:07:05 | 000,302,592 | ---- | M] () -- C:\Users\****\Desktop\ej5zbwvl.exe
[2012.05.22 18:48:09 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\****\Desktop\dds.com
[2012.05.22 18:42:28 | 000,000,020 | ---- | M] () -- C:\Users\****\defogger_reenable
[2012.05.22 18:37:26 | 000,050,477 | ---- | M] () -- C:\Users\****\Desktop\Defogger.exe
[2012.05.21 18:37:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.05.17 11:47:34 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.05.17 11:47:34 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.05.15 18:12:17 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2012.05.11 16:56:07 | 000,418,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.08 19:54:24 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.05.08 19:54:24 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.05.07 18:01:08 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.05.07 18:01:08 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.28 09:58:41 | 000,001,367 | ---- | M] () -- C:\Users\****\Desktop\Free Audio CD to MP3 Converter.lnk
========== Files Created - No Company Name ==========
[2012.05.25 19:33:04 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.05.25 19:24:09 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012.05.25 19:24:09 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012.05.24 16:44:08 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.05.22 20:05:47 | 000,002,916 | ---- | C] () -- C:\Users\****\Desktop\Attach.zip
[2012.05.22 19:07:04 | 000,302,592 | ---- | C] () -- C:\Users\****\Desktop\ej5zbwvl.exe
[2012.05.22 18:42:10 | 000,000,020 | ---- | C] () -- C:\Users\****\defogger_reenable
[2012.05.22 18:37:25 | 000,050,477 | ---- | C] () -- C:\Users\****\Desktop\Defogger.exe
[2012.05.21 18:37:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.28 09:58:41 | 000,001,367 | ---- | C] () -- C:\Users\****\Desktop\Free Audio CD to MP3 Converter.lnk
[2012.02.09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.06.19 20:15:46 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\{27BDDA75-1464-4575-8A4B-836F33AEDBDF}
[2011.06.10 19:30:56 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\{F6DF62EE-A406-4882-9FF0-59FD2E16332A}
[2011.06.10 07:31:34 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\{A25FB589-6793-4C6B-B17A-F4F242325058}
[2011.05.24 18:58:46 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.05.24 18:57:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.19 07:56:00 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Local\{7EE5EB8F-FA0F-4021-A4AA-E63ABB62951F}
[2011.03.08 17:20:33 | 000,065,536 | ---- | C] () -- C:\Windows\System32\ltserial.dll
[2010.11.28 22:57:40 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.08.17 18:43:14 | 000,007,168 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2012.04.28 09:53:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Audacity
[2012.05.25 19:27:08 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DAEMON Tools Lite
[2012.04.28 09:58:49 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DVDVideoSoft
[2011.04.12 23:41:01 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.05.15 18:15:48 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\elsterformular
[2010.03.18 17:47:50 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\fityk
[2011.11.09 19:58:15 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Geogrid
[2012.01.18 18:50:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\gtk-2.0
[2012.04.08 19:23:32 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\IrfanView
[2010.11.10 18:24:10 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\JabRef 2.6
[2010.10.17 16:27:07 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Jumping Bytes
[2011.03.30 15:42:02 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nokia
[2011.06.22 07:52:10 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\OpenCandy
[2011.03.30 15:16:50 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PC Suite
[2011.12.07 17:54:59 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Phase6
[2011.06.26 21:19:38 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird
[2010.11.20 16:43:54 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\xm1
[2012.04.01 10:45:07 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
und letztlich die Extras-txt: Code:
OTL Extras logfile created on: 26.05.2012 01:52:31 - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\****\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.97 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 54.42% Memory free
5.93 Gb Paging File | 4.63 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 433.53 Gb Total Space | 237.67 Gb Free Space | 54.82% Space Free | Partition Type: NTFS
Drive D: | 32.22 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive F: | 55.89 Gb Total Space | 15.68 Gb Free Space | 28.05% Space Free | Partition Type: NTFS
Drive G: | 991.22 Mb Total Space | 248.81 Mb Free Space | 25.10% Space Free | Partition Type: FAT
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061DE4FA-5436-4C2A-AE09-76AB6B4E0331}" = rport=139 | protocol=6 | dir=out | app=system |
"{248DD032-8261-4F8F-81BF-2C58C099FE2D}" = lport=138 | protocol=17 | dir=in | app=system |
"{3BCE40B1-236A-4F91-BBE6-2DC41DC9D225}" = lport=139 | protocol=6 | dir=in | app=system |
"{48D58C5D-0E95-4840-B561-ED5592923BEF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{515BA8B1-52D1-4957-9290-60E4F2BE59C0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{632A7A44-BBA2-4F45-A9D7-093F3EFEC924}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6E6F03A7-C092-4157-ABAB-58BE3961B8B3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{73843B85-7733-4E7D-BE85-C3DCAB7E0202}" = rport=138 | protocol=17 | dir=out | app=system |
"{743E2E24-B860-44EF-9473-1EC5CCFD5EB3}" = lport=137 | protocol=17 | dir=in | app=system |
"{8DA310C7-BB3A-4A30-86D3-59A6261D9C92}" = rport=137 | protocol=17 | dir=out | app=system |
"{918A5781-9EE1-4265-8CA5-97010C47D574}" = lport=445 | protocol=6 | dir=in | app=system |
"{A21AF68E-72CB-4F76-B94D-C905758A1993}" = rport=445 | protocol=6 | dir=out | app=system |
"{DBA31F36-384C-4522-9CFD-66BD62379E35}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF2863A2-9504-4CC5-AE17-8C211EC26207}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FFA0311B-C6A5-4AE6-829C-882E16B6FB7B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0408C3A8-8686-492D-B3A0-75C94C267715}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13091101-3096-4DDC-A652-EAE3E6429AD8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{27779B18-1715-4FB5-9A7C-8C19D10125FE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{27A13A31-0DB7-437F-BB63-15EE28660E7C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4B63C3DC-1021-4FFD-A2D8-2A219FDA0EA9}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{660B8450-6C72-4E13-9B1E-0ABDD304DDB6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8580379B-0ED4-4B04-A217-124D61E10FA6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D323F8EE-7C62-4EEE-A3F2-1C1B19D6754E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E1008F58-5061-437D-AD7B-15F248F93299}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F0D3BAD7-AF02-4227-B28E-7F6B9EAD4828}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{09ABE119-D7DD-4CA7-8B3B-BEB9CBB2CD7B}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{54B6A4BC-8E5D-41C0-840C-441DCC86E546}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5652A3C6-04BD-4551-A249-5F235AB79AAB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{66E0EA4D-CED5-4F35-9746-F78AA7BE9348}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{FE4C50C0-71B5-4CAE-B8A2-6DF3CAB319D9}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{08906544-A367-48A8-B14B-1D6663149B1F}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{2E6AF29B-BC17-4E58-9147-C31D0B955BD1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{46E6BB50-2A75-4595-9A96-9DE32DB62E35}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{DC0D73C5-9D8E-4503-9196-71A679E27DFD}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{E1F6A676-A6C8-407D-A062-428BA2C36534}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200
"{1DF91E52-9A42-4BC1-80DC-059ECF9F4DAA}" = Origin8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FFBEF6F-98F3-4EEA-8103-7A85C1017D20}" = Geogrid®-Viewer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D5883E-76EA-45A6-AE0C-674CB34BCC21}" = PureSync
"{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}" = SSH Secure Shell
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A912021A-FEDD-4DA3-8DB4-245EBDA84778}" = OriginPro 8G
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.1 - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 295.73
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BF98AA39-4BC4-4C11-A3AC-9DC88080074E}" = Top50 V5 Viewer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger-sensing Pad Driver
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"0852D05415AB9A4F1EF451E342267F76C776ED2F" = Windows-Treiberpaket - Nokia Modem (11/03/2006 6.82.0.1)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"ElsterFormular für Privatanwender 12.2.1.6570p" = ElsterFormular für Privatanwender
"fityk_is1" = Fityk 0.8.9
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.8.815
"Google Updater" = Google Updater
"GPL Ghostscript 9.01" = GPL Ghostscript 9.01
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2
"Gwyddion_is1" = Gwyddion 2.19
"IrfanView" = IrfanView (remove only)
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LaTable_is1" = LaTable 0.7.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"phase-6" = phase-6 2.1.2.4a
"PROPLUS" = Microsoft Office Professional Plus 2007
"PureSync" = PureSync 2.6.8
"Texmaker" = Texmaker
"TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass)
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live Essentials
"X10Hardware" = X10 Hardware(TM)
"XMind" = XMind
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.06.2011 04:06:10 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 06:07:08 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 06:07:08 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 09:39:47 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 09:39:47 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 13:34:24 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 13:34:24 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 17.06.2011 16:45:23 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia
PC Suite 6\VistaPIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 18.06.2011 01:57:34 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 18.06.2011 01:57:34 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ Media Center Events ]
Error - 30.03.2010 16:33:01 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 22:33:00 - Fehler beim Herstellen der Internetverbindung. 22:33:00
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 12:07:07 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 18:07:07 - Fehler beim Herstellen der Internetverbindung. 18:07:07
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 12:07:19 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 18:07:12 - Fehler beim Herstellen der Internetverbindung. 18:07:12
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 13:36:07 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 19:36:07 - Fehler beim Herstellen der Internetverbindung. 19:36:07
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 13:36:15 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 19:36:13 - Fehler beim Herstellen der Internetverbindung. 19:36:13
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 15:47:43 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 21:47:43 - Fehler beim Herstellen der Internetverbindung. 21:47:43
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 15:47:48 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 21:47:48 - Fehler beim Herstellen der Internetverbindung. 21:47:48
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 16:47:53 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 22:47:53 - Fehler beim Herstellen der Internetverbindung. 22:47:53
- Serververbindung konnte nicht hergestellt werden..
Error - 14.04.2010 16:47:59 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 22:47:58 - Fehler beim Herstellen der Internetverbindung. 22:47:58
- Serververbindung konnte nicht hergestellt werden..
Error - 27.04.2010 12:16:45 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = MCUpdate | ID = 0
Description = 18:16:41 - Fehler beim Herstellen der Internetverbindung. 18:16:41
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 22.05.2012 14:02:33 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 23.05.2012 09:57:48 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 09:25:43 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 12:48:05 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 13:07:15 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 13:09:59 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 25.05.2012 13:12:57 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 13:31:17 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 15:30:28 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Service Control Manager | ID = 7000
Description = Der Dienst "OrangeWare USB Enhanced Host Controller Service" wurde
aufgrund folgenden Fehlers nicht gestartet: %%1058
Error - 25.05.2012 15:50:53 | Computer Name = ****-PC.rz.uni-wuerzburg.de | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
< End of report > In Bezug auf Probleme, hatte ich bis jetzt keine, wobei ich nach dem ersten Fund relativ zeitnah hier auf Trojaner-Board zugekommen bin und während unserer Zusammenarbeit so gut wie keine Internetaktivität auf diesem PC unternommen habe. Somit haben sich keine Probleme derzeit gezeigt.
Wie sieht's denn aus, was war ... und ist's denn jetzt vorbei?
Vg u Gute Nacht!
luap |