JRT - Junkware Removal Tool Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Microsoft Windows XP x86
Ran by Adminstrator on 18.07.2013 at 8:28:34,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] cltmngsvc
Successfully deleted: [Service] cltmngsvc
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{79fb5fc8-44b9-4af5-badd-cce547f953e5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\app paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3279453
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4494B66C-492A-4D27-A418-7B526EFA515C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
~~~ Files
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\Programme\conduit"
Successfully deleted: [Folder] "C:\Programme\searchprotect"
Failed to delete: [Folder] "C:\Programme\sweetim"
Successfully deleted: [Folder] "C:\Programme\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"
~~~ FireFox
Successfully deleted: [File] C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\mozilla\firefox\profiles\mwfp4yx8.default\invalidprefs.js
Successfully deleted: [File] C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\mozilla\firefox\profiles\mwfp4yx8.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\mozilla\firefox\profiles\mwfp4yx8.default\searchplugins\web search.xml
Successfully deleted: [Folder] C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\mozilla\firefox\profiles\mwfp4yx8.default\smartbar
Successfully deleted the following from C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\mozilla\firefox\profiles\mwfp4yx8.default\prefs.js
user_pref("CT3279453.1000082.isPlayDisplay", "true");
user_pref("CT3279453.1000082.muteState", "off");
user_pref("CT3279453.1000082.shrinkState", "expanded");
user_pref("CT3279453.1000082.state", "{\"state\":\"stopped\",\"text\":\"Club 69 R...\",\"description\":\"Club 69 Radio Country Corner\",\"url\":\"hxxp://radio.club69radio.net:
user_pref("CT3279453.1000234.TWC_TMP_city", "BERLIN");
user_pref("CT3279453.1000234.TWC_TMP_country", "DE");
user_pref("CT3279453.1000234.TWC_country", "GERMANY");
user_pref("CT3279453.1000234.TWC_locId", "GMXX0007");
user_pref("CT3279453.1000234.TWC_location", "Berlin, Germany");
user_pref("CT3279453.1000234.TWC_region", "DE");
user_pref("CT3279453.1000234.TWC_temp_dis", "c");
user_pref("CT3279453.1000234.TWC_wind_dis", "kmh");
user_pref("CT3279453.1000234.weatherData", "{\"icon\":\"34.png\",\"temperature\":\"25°C\",\"temperatureClear\":\"25°C\",\"highTemperature\":\"25°C\",\"lowTemperature\":\"13
user_pref("CT3279453.3274282158.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"07\\\\/06\\\\/2013 18\\\"}\"}");
user_pref("CT3279453.3548259042.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"07\\\\/06\\\\/2013 18\\\"}\"}");
user_pref("CT3279453.41344108.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"06\\\\/12\\\\/2013 22\\\"}\"}");
user_pref("CT3279453.41344108isEnableThisAppDialog", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.4619022403882070490.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"07\\\\/06\\\\/2013 18\\\"}\"}");
user_pref("CT3279453.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.FF19Solved", "true");
user_pref("CT3279453.Facebook_Mode.enc", "Mg==");
user_pref("CT3279453.FirstTime", "true");
user_pref("CT3279453.FirstTimeFF3", "true");
user_pref("CT3279453.PG_ENABLE", "dHJ1ZQ==");
user_pref("CT3279453.PG_ENABLE.enc", "dHJ1ZQ==");
user_pref("CT3279453.SF_JUST_INSTALLED.enc", "RkFMU0U=");
user_pref("CT3279453.SF_STATUS.enc", "RU5BQkxFRA==");
user_pref("CT3279453.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279453&SearchSource=2&CUI=UN60877809339081931&UM=2&q=");
user_pref("CT3279453.UserID", "UN60877809339081931");
user_pref("CT3279453.YouTubeLang.enc", "REU=");
user_pref("CT3279453.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3279453.autoDisableScopes", -1);
user_pref("CT3279453.browser.search.defaultthis.engineName", "true");
user_pref("CT3279453.countryCode", "DE");
user_pref("CT3279453.defaultSearch", "true");
user_pref("CT3279453.embeddedsData", "[{\"appId\":\"3274282158\",\"apiPermissions\":{\"crossDomainAjax\":false,\"jsInjection\":false,\"instantAlert\":true,\"sslGranted\":false
user_pref("CT3279453.enableAlerts", "false");
user_pref("CT3279453.enableFix404ByUser", "TRUE");
user_pref("CT3279453.enableSearchFromAddressBar", "true");
user_pref("CT3279453.extensions.alexa.lastShowPrivacy.enc", "MTM3MTE1MDg2MDAxNQ==");
user_pref("CT3279453.firstTimeDialogOpened", "true");
user_pref("CT3279453.fixPageNotFoundError", "true");
user_pref("CT3279453.fixPageNotFoundErrorByUser", "true");
user_pref("CT3279453.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3279453.fixUrls", true);
user_pref("CT3279453.fullUserID", "UN60877809339081931.UP.20130623182012");
user_pref("CT3279453.homepageuserchanged", true);
user_pref("CT3279453.hxxp___facebook_conduitapps_com_v213.APP_WIN_FEATURES.enc", "aHNjcm9sbD0xLHZzY3JvbGw9MSxzYXZlcmVzaXplZHNpemU9MCxyZXNpemFibGU9eWVzLHRpdGxlYmFyPXllcyxjbG9zZ
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPW5vLHRpdGxlYmFyPXllcyxjbG9zZWJ1dHRvbj15ZXMsc2F2ZWxvY2F0aW9u
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.hxxpsDadList.enc", "aHR0cHM6Wy9dezJ9KHd3d1swLTldP3xlbmNyeXB0ZWQpWy5dKGwuKT9nb29
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.ranks.enc", "dHJ1ZQ==");
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.resultsjs.enc", "ICBpZiAodHlwZW9mIHdpbmRvdy5DT05EVUlUX05TX1BIID09ICJ1bmRlZmluZW
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.reviews.enc", "dHJ1ZQ==");
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.searchconf.enc", "ewogICJnb29nbGUiIDogewogICAgInVybGV4cCIgOiAiaHR0cChzKT86XFwvX
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.searchranks.enc", "dHJ1ZQ==");
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.session.enc", "QnhjS2gxbkZXNTAwd3U=");
user_pref("CT3279453.hxxp___s3_amazonaws_com_com_alexa_toolbar_cnd_1_0_toolbar.extensions.alexa.usage-stats.enc", "dHJ1ZQ==");
user_pref("CT3279453.installDate", "7/6/2013 22:24:19");
user_pref("CT3279453.installId", "conduitnsisintegration");
user_pref("CT3279453.installSessionId", "-1");
user_pref("CT3279453.installSp", "TRUE");
user_pref("CT3279453.installType", "conduitnsisintegration");
user_pref("CT3279453.installUsage", "2013-06-08T09:51:20.8873008+03:00");
user_pref("CT3279453.installUsageEarly", "2013-06-08T09:51:09.982761+03:00");
user_pref("CT3279453.installerVersion", "1.4.2.3");
user_pref("CT3279453.isCheckedStartAsHidden", true);
user_pref("CT3279453.isCollapsed_3274282158", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3279453.isCollapsed_3548259042", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3279453.isCollapsed_41344108", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3279453.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.isFirstTimeToolbarLoading", "false");
user_pref("CT3279453.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3279453.keyword", "true");
user_pref("CT3279453.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3279453&octid=CT3279453&SearchSource=15&CUI=UN6087780933908193
user_pref("CT3279453.lastVersion", "10.16.4.519");
user_pref("CT3279453.mam_gk_appStateReportTime.enc", "MTM3MzIwMTU3MzM1Mg==");
user_pref("CT3279453.mam_gk_appState_CouponBuddy.enc", "b2Zm");
user_pref("CT3279453.mam_gk_appState_Easytobook.enc", "b2Zm");
user_pref("CT3279453.mam_gk_appState_Easytobook_targeted.enc", "b2Zm");
user_pref("CT3279453.mam_gk_appState_PriceGong.enc", "b2Zm");
user_pref("CT3279453.mam_gk_appState_WindowShopper.enc", "b2Zm");
user_pref("CT3279453.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnN
user_pref("CT3279453.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
user_pref("CT3279453.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIxOTM3ODZkMy1mMzFlLTRiMGYtOT
user_pref("CT3279453.mam_gk_currentBadgeValue.enc", "MQ==");
user_pref("CT3279453.mam_gk_currentVersion.enc", "MS44LjAuNA==");
user_pref("CT3279453.mam_gk_eventsCache.enc", "eyI3Y2Y2MWE1YS0yYWRjLTQzZTEtOTIyOC1mMzhlZjA1NmIwZTAiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlv
user_pref("CT3279453.mam_gk_first_time.enc", "MQ==");
user_pref("CT3279453.mam_gk_gadgetOpen.enc", "MA==");
user_pref("CT3279453.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
user_pref("CT3279453.mam_gk_lastLoginTime.enc", "MTM3MzIwMTU2OTU1MQ==");
user_pref("CT3279453.mam_gk_lastSettingsOpen.enc", "eyJzZXR0aW5nc1BhZ2VGdWxsVXJsIjoiaHR0cDovL2FwcC5tYW0uY29uZHVpdC5jb20vZ2V0YXBwL0NUMzI3OTQ1My9zZXR0aW5ncy5odG1sP2N0aWQ9Q1QzMjc
user_pref("CT3279453.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50LVJpY2h0bGluaWUifSwiZ2FkZ2V0RGVzY3JpcHRpb25QcmltYXJ5Ijp7IlRleHQiOiJWYWx1ZSB
user_pref("CT3279453.mam_gk_newApps.enc", "W10=");
user_pref("CT3279453.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
user_pref("CT3279453.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoi
user_pref("CT3279453.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
user_pref("CT3279453.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
user_pref("CT3279453.mam_gk_userId.enc", "ZWMzODFiNmMtYTI1My00N2I0LWE4NjItOTQ3YzZmZDdkMGMz");
user_pref("CT3279453.mam_gk_user_approval_interacted.enc", "MQ==");
user_pref("CT3279453.migrateAppsAndComponents", true);
user_pref("CT3279453.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Ablank\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://
user_pref("CT3279453.openThankYouPage", "false");
user_pref("CT3279453.openUninstallPage", "true");
user_pref("CT3279453.originalHomepage", "about:home");
user_pref("CT3279453.originalSearchAddressUrl", "");
user_pref("CT3279453.originalSearchEngine", "");
user_pref("CT3279453.price-gong.isManagedApp", "true");
user_pref("CT3279453.qa1231CK_count.enc", 0);
user_pref("CT3279453.revertSettingsEnabled", "FALSE");
user_pref("CT3279453.search.searchAppId", "130029007934982115");
user_pref("CT3279453.search.searchCount", "2");
user_pref("CT3279453.searchFromAddressBarEnabledByUser", "true");
user_pref("CT3279453.searchInNewTabEnabledByUser", "true");
user_pref("CT3279453.searchInNewTabEnabledInHidden", "true");
user_pref("CT3279453.searchRevert", "FALSE");
user_pref("CT3279453.searchSuggestEnabledByUser", "true");
user_pref("CT3279453.searchUserMode", "2");
user_pref("CT3279453.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3279453.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3279453.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3279453\"}");
user_pref("CT3279453.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDvideoSoft20.OurToolbar.com//xpi\"}");
user_pref("CT3279453.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDvideoSoft 2.0\"}");
user_pref("CT3279453.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3279453.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT3279453.serviceLayer_services_Configuration_lastUpdate", "1373183677696");
user_pref("CT3279453.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1372584012814");
user_pref("CT3279453.serviceLayer_services_appsMetadata_lastUpdate", "1373125180402");
user_pref("CT3279453.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1373108013502");
user_pref("CT3279453.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1370674284888");
user_pref("CT3279453.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1370674295187");
user_pref("CT3279453.serviceLayer_services_location_lastUpdate", "1372002485760");
user_pref("CT3279453.serviceLayer_services_login_10.14.65.43_lastUpdate", "1372002487791");
user_pref("CT3279453.serviceLayer_services_login_10.16.1.21_lastUpdate", "1370711589623");
user_pref("CT3279453.serviceLayer_services_login_10.16.4.519_lastUpdate", "1373202586511");
user_pref("CT3279453.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1373108014784");
user_pref("CT3279453.serviceLayer_services_searchAPI_lastUpdate", "1373183677561");
user_pref("CT3279453.serviceLayer_services_serviceMap_lastUpdate", "1373183677039");
user_pref("CT3279453.serviceLayer_services_setupAPI_lastUpdate", "1372002486619");
user_pref("CT3279453.serviceLayer_services_toolbarContextMenu_lastUpdate", "1373108013325");
user_pref("CT3279453.serviceLayer_services_toolbarSettings_lastUpdate", "1373202587066");
user_pref("CT3279453.serviceLayer_services_translation_lastUpdate", "1373183678235");
user_pref("CT3279453.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1373125181046");
user_pref("CT3279453.serviceLayer_services_userApps6a696dac-7e05-4e71-b65b-c839e7a89006_lastUpdate", "1373125180944");
user_pref("CT3279453.serviceLayer_services_userApps_lastUpdate", "1373125791163");
user_pref("CT3279453.serviceLayer_services_userAppsb3e5f413-cc68-4e96-8cf0-6bbbb6287e74_lastUpdate", "1373125791088");
user_pref("CT3279453.serviceLayer_services_userAppsc9b72ac0-73cb-4352-b0f7-3ae64f215eda_lastUpdate", "1373125777181");
user_pref("CT3279453.serviceLayer_services_userAppse537cebf-1a67-4a90-9e10-850090f20776_lastUpdate", "1373125786344");
user_pref("CT3279453.settingsINI", true);
user_pref("CT3279453.shouldFirstTimeDialog", "false");
user_pref("CT3279453.showToolbarPermission", "false");
user_pref("CT3279453.smartbar.CTID", "CT3279453");
user_pref("CT3279453.smartbar.Uninstall", "0");
user_pref("CT3279453.smartbar.homepage", "true");
user_pref("CT3279453.smartbar.toolbarName", "DVDvideoSoft 2.0 ");
user_pref("CT3279453.startPage", "true");
user_pref("CT3279453.toolbarBornServerTime", "8-6-2013");
user_pref("CT3279453.toolbarCurrentServerTime", "7-7-2013");
user_pref("CT3279453.toolbarDisabled", "true");
user_pref("CT3279453.toolbarLoginClientTime", "Sat Jun 08 2013 08:51:33 GMT+0200");
user_pref("CT3279453.versionFromInstaller", "10.16.1.21");
user_pref("CT3279453_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1373956082887,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279453&octid=CT3279453&SearchSource=61&CUI=UN60877809339081931&UM=2&UP=SP986D0DF6-489B-409E-B636
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3279453");
user_pref("browser.search.defaultthis.engineName", "DVDvideoSoft 2.0 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279453&CUI=UN60877809339081931&UM=2&SearchSource=3&q={searchTerms}");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?octid=CT3279453&ctid=CT3279453&SearchSource=2&CUI=UN60877809339081931&UM=2&q=");
user_pref("smartBar.searchInNewTabOwner", "CT3279453");
user_pref("smartbar.addressBarOwnerCTID", "CT3279453");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279453&CUI=UN60877809339081931&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3279453&oct
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279453&SearchSource=2&CUI=UN60877809339081931&UM=2&q=,hxxp://search.condui
user_pref("smartbar.defaultSearchOwnerCTID", "CT3279453");
user_pref("smartbar.homePageOwnerCTID", "CT3279453");
user_pref("smartbar.machineId", "LWFCBFKVMLQ2N0Q1CAXZ9FQQVMCB+NBDA4RPNKHJP/BDRY2HQNDYTYTYRIDP0UQLM9FFKOZ1HSTKTTZVEG9X/Q");
user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3279453&CUI=UN60877809339081931&UM=2&SearchSource=13");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279453&SearchSource=2&CUI=UN60877809339081931&UM=2&q=");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.07.2013 at 8:31:48,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen > AdwCleaner[R1].txt Code:
# AdwCleaner v2.305 - Datei am 18/07/2013 um 08:34:19 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Adminstrator - ********-5C7CAA
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\CT3279453
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\extensions\{04a8dd1a-4754-48fe-a703-99846646ef04}
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Conduit
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\DVDvideoSoft_2.0
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gefunden : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Smartbar
Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
Ordner Gefunden : C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DVDvideoSoft_2.0
Ordner Gefunden : C:\Programme\DVDvideoSoft_2.0
Ordner Gefunden : C:\Programme\Gemeinsame Dateien\DVDVideoSoft\TB
Ordner Gefunden : C:\Programme\SweetIM
Ordner Gefunden : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\DVDvideoSoft_2.0
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\SearchProtect
Schlüssel Gefunden : HKCU\Software\SmartbarLog
Schlüssel Gefunden : HKCU\Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gefunden : HKLM\Software\DVDvideoSoft_2.0
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88010AC8-CD52-4BF2-8094-0B993BFA4C85}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE8C3B07-E7A6-4ABD-A233-DA9BFD3F67B5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDvideoSoft_2.0 Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDvideoSoft_2.0 Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gefunden : HKLM\Software\SearchProtect
Schlüssel Gefunden : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
Gefunden [l.25] : keyword = "search.snap.do",
Gefunden [l.29] : search_url = "hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=7bbe6294-1fcd-4bad-b713-9162ff4990f6&searchtype=ds&q={searchTerms}&installDate=01/01/1970",
*************************
AdwCleaner[R1].txt - [12306 octets] - [18/07/2013 08:34:19]
########## EOF - C:\AdwCleaner[R1].txt - [12367 octets] ########## und > AdwCleaner[R1].txt Code:
# AdwCleaner v2.305 - Datei am 18/07/2013 um 08:37:27 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Adminstrator - *******-5C7CAA
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\CT3279453
Ordner Gelöscht : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\extensions\{04a8dd1a-4754-48fe-a703-99846646ef04}
Ordner Gelöscht : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Conduit
Ordner Gelöscht : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\DVDvideoSoft_2.0
Ordner Gelöscht : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Smartbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
Ordner Gelöscht : C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DVDvideoSoft_2.0
Ordner Gelöscht : C:\Programme\DVDvideoSoft_2.0
Ordner Gelöscht : C:\Programme\Gemeinsame Dateien\DVDVideoSoft\TB
Ordner Gelöscht : C:\Programme\SweetIM
Ordner Gelöscht : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\DVDvideoSoft_2.0
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\SearchProtect
Schlüssel Gelöscht : HKCU\Software\SmartbarLog
Schlüssel Gelöscht : HKCU\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\Software\DVDvideoSoft_2.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88010AC8-CD52-4BF2-8094-0B993BFA4C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE8C3B07-E7A6-4ABD-A233-DA9BFD3F67B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDvideoSoft_2.0 Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17667902-A1A2-4DC4-8C42-CB1B60BF2202}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDvideoSoft_2.0 Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.72
Datei : C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.25] : keyword = "search.snap.do",
Gelöscht [l.29] : search_url = "hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=7bbe6294-1fcd-[...]
*************************
AdwCleaner[R1].txt - [12437 octets] - [18/07/2013 08:34:19]
AdwCleaner[S1].txt - [12303 octets] - [18/07/2013 08:37:27]
########## EOF - C:\AdwCleaner[S1].txt - [12364 octets] ##########
Kontrolle mit OTL > OTL.txt Code:
OTL logfile created on: 18.07.2013 08:55:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
894,17 Mb Total Physical Memory | 344,25 Mb Available Physical Memory | 38,50% Memory free
2,12 Gb Paging File | 1,50 Gb Available in Paging File | 71,08% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 97,53 Gb Free Space | 65,44% Space Free | Partition Type: NTFS
Computer Name: **********-5C7CAA | User Name: Adminstrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
PRC - C:\Mouse driver\mouse_driver.exe ()
PRC - C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Power Manager\PM.exe ()
PRC - C:\WINDOWS\system32\UMonit.exe ()
PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Mouse driver\mouse_driver.exe ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wfvie12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wgui12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wauff12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsodbc47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsdcom47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wcore12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wreli12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\wsteu12.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rsguiwinapi47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\rscorewinapi47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcluceners47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\phononrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtwebkitrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qttestrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtscriptrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsqlrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtsvgrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtguirs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qt3supportrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtnetworkrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtxmlrs47.dll ()
MOD - C:\Programme\Buhl finance\tax Steuersoftware 2012\qtcorers47.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\Power Manager\PM.exe ()
MOD - C:\WINDOWS\system32\ustor.dll ()
MOD - C:\WINDOWS\system32\UMonit.exe ()
MOD - C:\WINDOWS\sm56spn.dll ()
MOD - C:\WINDOWS\sm56itl.dll ()
MOD - C:\WINDOWS\sm56eng.dll ()
MOD - C:\WINDOWS\sm56brz.dll ()
MOD - C:\WINDOWS\sm56ger.dll ()
MOD - C:\WINDOWS\sm56fra.dll ()
MOD - C:\WINDOWS\sm56jpn.dll ()
MOD - C:\WINDOWS\sm56cht.dll ()
MOD - C:\WINDOWS\sm56chs.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Programme\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (rtl8139) -- system32\DRIVERS\RTL8139.SYS File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (RRNetCapMP) -- C:\WINDOWS\system32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (RRNetCap) -- C:\WINDOWS\system32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (whfltr2k) -- C:\WINDOWS\system32\drivers\whfltr2k.sys ()
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (WINIO) -- C:\WINDOWS\system32\WinIo.sys (hxxp://www.internals.com)
DRV - (fixustor) -- C:\WINDOWS\system32\drivers\fixustor.sys (Genesys Logic)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (EKBfltr) -- C:\WINDOWS\system32\drivers\EKBfltr.sys (EnE Technology Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=7bbe6294-1fcd-4bad-b713-9162ff4990f6&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=QuickOB&dpid=QuickOB&co=DE&userid=7bbe6294-1fcd-4bad-b713-9162ff4990f6&searchtype=ds&q={searchTerms}&installDate=01/01/1970
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F6 37 EC 4D 34 26 CD 01 [binary data]
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\..\SearchScopes,DefaultScope = {A050F13A-8482-434F-BF23-E39439B1DFC9}
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\..\SearchScopes\{A050F13A-8482-434F-BF23-E39439B1DFC9}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE482
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1801674531-261478967-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.07.17 08:57:07 | 000,000,000 | ---D | M]
[2010.08.24 19:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Extensions
[2013.07.18 08:38:10 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\extensions
[2013.04.11 07:27:21 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\extensions\{7bbe6294-1fcd-4bad-b713-9162ff4990f6}
[2011.12.26 22:47:26 | 000,001,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Mozilla\Firefox\Profiles\mwfp4yx8.default\searchplugins\bing.xml
[2013.07.02 21:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.07.02 21:05:20 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.08.25 06:49:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Web (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
O1 HOSTS File: ([2013.07.16 09:05:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PowerManager] C:\Programme\Power Manager\PM.exe ()
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe ()
O4 - HKLM..\Run: [uni mouse driver] C:\Mouse driver\mouse_driver.exe ()
O4 - HKLM..\Run: [uni mouse driver tilt] C:\Mouse driver\wh_exec.exe ()
O4 - HKU\S-1-5-21-1801674531-261478967-682003330-1004..\Run: [OfficeSyncProcess] C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Adminstrator\Startmenü\Programme\Autostart\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\t@x aktuell.lnk = C:\Programme\Buhl finance\tax Steuersoftware 2012\taxaktuell.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1801674531-261478967-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1801674531-261478967-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374058177109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C669EF8D-9003-4F96-90E2-4A70D73BE08F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.24 18:39:55 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sprestrt)
O34 - HKLM BootExecute: (sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.18 08:28:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.07.17 13:21:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2013.07.17 13:20:34 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.07.17 13:20:21 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2013.07.17 13:20:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.07.17 12:59:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.07.17 12:58:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.17 12:55:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2013.07.17 07:59:31 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.07.17 07:59:31 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.07.16 21:28:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
[2013.07.16 21:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\mbar
[2013.07.16 20:01:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.07.16 19:35:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Avira
[2013.07.16 19:26:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.07.16 19:24:11 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.07.16 19:24:00 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.07.16 19:24:00 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.07.16 19:24:00 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.07.16 19:21:51 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2013.07.16 19:21:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2013.07.16 09:06:05 | 000,006,144 | ---- | C] (hxxp://www.internals.com) -- C:\WINDOWS\System32\WinIo.sys
[2013.07.16 08:40:12 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.07.16 08:37:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.07.16 08:37:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.07.16 08:37:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.07.16 08:37:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.07.16 08:36:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.16 08:36:26 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2013.07.16 08:36:26 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Eigene Videos
[2013.07.16 08:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.07.16 08:35:24 | 005,089,088 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\ComboFix.exe
[2013.07.15 16:12:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.02 21:04:35 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.06.23 18:49:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Neuer Ordner (2)
[65 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.07.18 08:40:49 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.18 08:40:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.18 08:39:03 | 000,001,102 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.18 08:33:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.17 20:14:57 | 000,000,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\Virensuche.url
[2013.07.17 18:36:37 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\MBR.dat
[2013.07.17 18:31:10 | 000,002,489 | ---- | M] () -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\Microsoft Word 2010.lnk
[2013.07.17 13:21:25 | 000,001,529 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.07.17 13:02:07 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.07.17 12:55:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.17 12:15:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.07.17 11:56:56 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.07.17 10:37:58 | 000,506,904 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.07.17 10:37:58 | 000,484,974 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.07.17 10:37:58 | 000,096,698 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.07.17 10:37:58 | 000,080,988 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.07.16 19:26:16 | 000,001,678 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.07.16 19:15:15 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.07.16 19:15:14 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.07.16 19:15:14 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.07.16 19:15:14 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.07.16 09:05:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.07.16 08:40:20 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.07.16 08:34:27 | 005,089,088 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\ComboFix.exe
[2013.07.09 12:23:26 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\.directory
[2013.07.01 22:22:51 | 000,047,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.01 07:26:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.06.24 16:13:42 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[65 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.07.17 20:14:37 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\Virensuche.url
[2013.07.17 18:36:37 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\MBR.dat
[2013.07.17 15:37:05 | 000,000,715 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Desktop\Firefox.lnk
[2013.07.17 13:21:25 | 000,001,529 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.07.16 19:26:16 | 000,001,678 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.07.16 08:40:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.07.16 08:40:16 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.07.16 08:37:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.07.16 08:37:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.07.16 08:37:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.07.16 08:37:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.07.16 08:37:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.07.09 12:23:26 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\.directory
[2013.05.11 18:46:09 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2012.12.26 10:22:41 | 000,284,154 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1801674531-261478967-682003330-1004-0.dat
[2012.12.26 10:22:29 | 000,284,154 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.12.02 12:15:05 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2012.12.02 12:12:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2012.08.16 11:29:56 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2012.04.27 12:14:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.05 11:08:02 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2011.11.26 13:22:02 | 000,049,848 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.09.12 21:03:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2010.12.28 16:09:21 | 000,047,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.25 07:03:02 | 000,000,470 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\burnaware.ini
[2010.08.24 18:52:41 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\Adminstrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2010.08.24 18:51:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.02.28 20:49:18 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.04.24 11:51:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Buhl Data Service GmbH
[2013.06.07 22:21:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\DVDVideoSoft
[2011.05.25 15:49:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Ekdyod
[2010.10.13 11:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\elsterformular
[2012.12.25 23:19:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Garmin
[2012.05.15 14:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\Haldy
[2011.09.12 21:02:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\ICAClient
[2011.01.21 23:04:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\ProtectDISC
[2013.06.07 22:25:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Adminstrator\Anwendungsdaten\TuneUp Software
[2013.07.17 13:21:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.05.24 07:43:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2013.06.07 22:22:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2010.10.13 11:25:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2012.08.16 11:20:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2013.06.07 22:26:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2013.06.16 13:49:48 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.06.07 22:27:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
========== Purity Check ==========
< End of report > Kontrolle mit OTL > Extra.txt Code:
OTL Extras logfile created on: 18.07.2013 08:55:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Adminstrator\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
894,17 Mb Total Physical Memory | 344,25 Mb Available Physical Memory | 38,50% Memory free
2,12 Gb Paging File | 1,50 Gb Available in Paging File | 71,08% Paging File free
Paging file location(s): c:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 97,53 Gb Free Space | 65,44% Space Free | Partition Type: NTFS
Computer Name: *********-5C7CAA | User Name: Adminstrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.txt [@ = TXTFile] -- "C:\Programme\Fhwm\Fhwm.exe" %1
[HKEY_USERS\S-1-5-21-1801674531-261478967-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\Programme\Fhwm\Fhwm.exe" %1
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung
"{0E806605-5B82-4A4F-BC31-AA4FADA03C42}" = t@x 2012 Professional
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3752A675-51DC-4F66-9924-FE973CE73556}" = Winklers Lernprogramm 2022 (Demo)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46B1A7B4-4E7D-426B-B62C-38597142250F}" = WISO Haushaltsbuch 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7108738A-F48C-4FC9-80A1-4B70254270DF}" = Audials
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{813768CF-9FCE-4E0E-A291-9E479F7B827E}" = Stotax Gehalt und Lohn Start 2011
"{824E562F-04CC-4908-946F-DF2D5E620914}" = Winklers Lernprogramm 2027 (Demo)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF860F85-54A3-4A28-879B-BF9E6E325776}" = QuickShare
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BurnAware Free_is1" = BurnAware Free 3.0.3
"ElsterFormular 11.5.1.4843" = ElsterFormular
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Webclient für Win32
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 1.11.5
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"SMSERIAL" = Motorola SM56 Data Fax Modem
"Sweetpacks Bundle Uninstaller" = Sweetpacks Bundle Uninstaller
"uni mouse driver" = Mouse driver v1.0
"VLC media player" = VLC media player 1.0.1
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WISO Haushaltsbuch 2012" = WISO Haushaltsbuch 2012
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.07.2013 02:58:25 | Computer Name = *********-5C7CAA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OneClick.exe, Version 13.0.3020.2, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 16.07.2013 12:53:07 | Computer Name = *********-5C7CAA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 16.07.2013 16:25:31 | Computer Name = *********-5C7CAA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile: Microsoft.Build.Tasks, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
. Error code = 0x80070005
Error - 17.07.2013 01:48:42 | Computer Name = *********-5C7CAA | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 17.07.2013 03:51:10 | Computer Name = *********-5C7CAA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile: C:\Programme\Gemeinsame Dateien\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.AddInAdapter.v9.0.dll
. Error code = 0x80070005
Error - 17.07.2013 04:26:30 | Computer Name = *********-5C7CAA | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32)
- Failed to compile: c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\Microsoft.Transactions.Bridge.dll . Error code = 0x80070005
Error - 17.07.2013 06:01:41 | Computer Name = *********-5C7CAA | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 17.07.2013 09:57:59 | Computer Name = *********-5C7CAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung aswmbr.exe, Version 0.9.9.1771, fehlgeschlagenes
Modul aswmbr.exe, Version 0.9.9.1771, Fehleradresse 0x000128d9.
Error - 17.07.2013 10:52:28 | Computer Name = *********-5C7CAA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung aswmbr.exe, Version 0.9.9.1771, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x00011689.
Error - 18.07.2013 02:28:57 | Computer Name = *********-5C7CAA | Source = CltMngSvc | ID = 1000
Description =
[ System Events ]
Error - 16.07.2013 03:02:32 | Computer Name = *********-5C7CAA | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_WINIO\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.
Error - 16.07.2013 03:06:24 | Computer Name = *********-5C7CAA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WINIO" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 16.07.2013 14:16:20 | Computer Name = *********-5C7CAA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 16.07.2013 14:20:22 | Computer Name = *********-5C7CAA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 16.07.2013 14:21:06 | Computer Name = *********-5C7CAA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 16.07.2013 14:23:44 | Computer Name = *********-5C7CAA | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 17.07.2013 01:48:42 | Computer Name = *********-5C7CAA | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error - 17.07.2013 01:48:42 | Computer Name = *********-5C7CAA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 17.07.2013 06:01:40 | Computer Name = *********-5C7CAA | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error - 17.07.2013 06:01:40 | Computer Name = *********-5C7CAA | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
< End of report > |