Wenn ich über "Neuer Task..." explorer.exe aufrufe kommt nur ein Explorer-Fenster, in dem ich auf "Computer" bin. Sehe alle Laufwerke und kann auch auf alle Daten zugreifen.
Hab ComboFix von meinem Standrechner mit angeschlossener Laptopplatte ausgeführt. Code:
ComboFix 12-07-25.04 - luks2 24.07.2012 18:07:43.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.8190.6545 [GMT 2:00]
ausgeführt von:: c:\users\luks2\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-24 bis 2012-07-24 ))))))))))))))))))))))))))))))
.
.
2012-07-24 16:10 . 2012-07-24 16:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-24 14:59 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF398F66-DFE1-4590-88CB-081989892B48}\mpengine.dll
2012-07-19 08:28 . 2012-07-19 08:28 -------- d-----w- C:\_OTL
2012-07-16 20:34 . 2012-07-16 20:34 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-07-16 20:01 . 2012-07-16 20:01 -------- d-----w- c:\windows\SysWow64\Wat
2012-07-16 20:01 . 2012-07-16 20:01 -------- d-----w- c:\windows\system32\Wat
2012-07-16 19:52 . 2012-07-16 19:52 -------- d-----w- c:\windows\SysWow64\wbem\en-US
2012-07-16 19:52 . 2012-07-16 19:52 -------- d-----w- c:\windows\system32\wbem\en-US
2012-07-16 19:35 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-16 19:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-16 19:21 . 2012-07-03 01:19 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-16 19:19 . 2012-07-16 19:19 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2012-07-16 19:19 . 2012-07-16 19:19 -------- d-----w- c:\windows\PCHEALTH
2012-07-16 19:06 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-16 19:06 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-07-16 19:06 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-16 19:06 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-16 19:06 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-07-16 19:06 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-07-16 19:06 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-07-16 19:03 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-07-16 19:02 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-07-16 18:56 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-07-16 18:56 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-07-16 18:52 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-16 18:52 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-07-16 18:52 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-07-16 18:52 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-07-16 18:52 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-07-16 18:52 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-07-16 18:52 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-07-16 18:52 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-16 18:52 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-07-16 18:51 . 2012-07-16 18:51 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-07-16 18:39 . 2012-07-16 18:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-16 18:36 . 2012-07-16 18:36 -------- d-----w- c:\program files (x86)\Oracle
2012-07-16 18:35 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-16 18:35 . 2012-07-05 20:06 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-16 18:35 . 2012-07-16 18:35 -------- d-----w- c:\program files (x86)\Java
2012-07-16 18:34 . 2012-07-16 17:43 -------- d-----w- c:\windows\Panther
2012-07-16 18:31 . 2012-07-16 18:31 -------- d-----w- c:\windows\system32\SPReview
2012-07-16 18:24 . 2012-07-05 11:02 95744 ----a-w- c:\windows\system32\pdfcmon.dll
2012-07-16 18:24 . 2005-04-15 18:58 1071088 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-07-16 18:24 . 2004-03-08 23:00 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2012-07-16 18:24 . 1998-06-23 23:00 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2012-07-16 18:24 . 1998-07-06 16:56 125712 ----a-w- c:\windows\SysWow64\VB6DE.DLL
2012-07-16 18:24 . 1998-07-06 16:55 158208 ----a-w- c:\windows\SysWow64\MSCMCDE.DLL
2012-07-16 18:24 . 1998-07-06 16:55 64512 ----a-w- c:\windows\SysWow64\MSCC2DE.DLL
2012-07-16 18:24 . 2012-07-16 18:24 -------- d-----w- c:\program files (x86)\PDFCreator
2012-07-16 18:24 . 1998-07-05 23:00 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2012-07-16 18:23 . 2012-05-31 10:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-07-16 18:23 . 2012-07-16 18:23 -------- d-----w- c:\program files (x86)\VideoLAN
2012-07-16 18:22 . 2012-07-16 18:24 -------- d-----w- c:\program files (x86)\Notepad++
2012-07-16 18:18 . 2012-07-16 18:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-16 18:18 . 2012-07-16 18:18 -------- d-----w- c:\programdata\Malwarebytes
2012-07-16 18:18 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-16 18:15 . 2012-07-16 18:15 -------- d-----w- c:\program files (x86)\Fraps
2012-07-16 18:14 . 2010-11-20 03:00 2560 ----a-w- c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2012-07-16 18:14 . 2010-11-20 03:12 7168 ----a-w- c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2012-07-16 18:14 . 2010-11-20 03:07 3584 ----a-w- c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2012-07-16 18:14 . 2010-11-20 03:00 4608 ----a-w- c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2012-07-16 18:14 . 2010-11-20 03:07 2560 ----a-w- c:\windows\system32\drivers\de-DE\disk.sys.mui
2012-07-16 18:08 . 2010-11-20 03:33 376192 ----a-w- c:\windows\system32\drivers\netio.sys
2012-07-16 18:06 . 2012-07-16 19:59 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-07-16 18:06 . 2012-07-16 19:59 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-07-16 18:06 . 2011-09-15 21:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-07-16 18:06 . 2012-07-16 18:06 -------- d-----w- c:\programdata\Avira
2012-07-16 18:06 . 2012-07-16 18:06 -------- d-----w- c:\program files (x86)\Avira
2012-07-16 18:06 . 2012-07-16 18:06 -------- d-----w- c:\windows\system32\EventProviders
2012-07-16 18:04 . 2012-07-16 18:04 -------- d-----w- c:\programdata\ATI
2012-07-16 18:04 . 2012-07-16 18:04 0 ----a-w- c:\windows\ativpsrm.bin
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\programdata\AMD
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\program files (x86)\AMD AVT
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\program files (x86)\AMD APP
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-07-16 17:57 . 2012-07-16 17:57 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-07-16 17:56 . 2012-07-16 21:18 -------- d-sh--w- c:\windows\Installer
2012-07-16 17:56 . 2012-07-16 17:56 -------- d-----w- c:\program files\ATI
2012-07-16 17:56 . 2012-07-16 17:57 -------- d-----w- c:\program files\ATI Technologies
2012-07-16 17:49 . 2012-07-23 11:17 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-16 18:27 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-16 18:27 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2012-06-11 17:24 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2012-06-11 16:45 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2012-06-11 16:43 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2012-06-11 16:25 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2012-06-11 16:24 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-06-11 11:50 . 2012-06-11 11:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 11:50 . 2012-06-11 11:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 11:50 . 2012-06-11 11:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 11:50 . 2012-06-11 11:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 11:50 . 2012-06-11 11:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 11:49 . 2012-06-11 11:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-11 11:48 . 2012-06-11 11:48 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-11 11:48 . 2012-06-11 11:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-05-10 14:35 . 2012-05-10 14:35 43520 ----a-w- c:\windows\system32\kdbsdk64.dll
2012-05-10 14:35 . 2012-05-10 14:35 29184 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-24_14.41.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-16 18:06 . 2012-07-24 14:49 21664 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-24 14:49 34058 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:30 . 2012-07-16 20:01 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-07-24 14:58 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-07-16 17:40 . 2012-07-24 15:22 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-07-16 17:40 . 2012-07-16 22:13 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-07-24 15:22 . 2012-07-24 15:22 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-16 22:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-24 15:22 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-16 17:47 . 2012-07-24 14:49 4314 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2909973487-2284765892-632351020-1000_UserData.bin
+ 2012-07-24 16:11 . 2012-07-24 16:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-24 14:40 . 2012-07-24 14:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-24 16:11 . 2012-07-24 16:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-24 14:40 . 2012-07-24 14:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-19 20:40 . 2012-07-24 15:35 164306 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:36 . 2012-07-24 14:59 615810 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-24 14:32 615810 c:\windows\system32\perfh009.dat
+ 2009-07-14 17:58 . 2012-07-24 14:59 653928 c:\windows\system32\perfh007.dat
- 2009-07-14 17:58 . 2012-07-24 14:32 653928 c:\windows\system32\perfh007.dat
+ 2009-07-14 02:36 . 2012-07-24 14:59 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-24 14:32 106190 c:\windows\system32\perfc009.dat
- 2009-07-14 17:58 . 2012-07-24 14:32 129800 c:\windows\system32\perfc007.dat
+ 2009-07-14 17:58 . 2012-07-24 14:59 129800 c:\windows\system32\perfc007.dat
+ 2009-07-14 05:30 . 2012-07-24 14:58 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-16 20:01 143360 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 00:21 . 2009-07-14 01:41 299520 c:\windows\system32\drivers\UMDF\WpdFs.dll
+ 2012-07-16 18:43 . 2012-07-24 16:10 413008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-07-16 18:43 . 2012-07-24 14:37 413008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-24 14:37 230752 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-24 16:10 230752 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-16 18:01 . 2012-07-24 16:10 8267508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2909973487-2284765892-632351020-1000-8192.dat
- 2012-07-16 18:01 . 2012-07-24 14:37 8267508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2909973487-2284765892-632351020-1000-8192.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-16 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-23 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-16 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-16 86224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\luks2\AppData\Roaming\Mozilla\Firefox\Profiles\r7wb8wmg.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-24 18:14:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-07-24 16:14
ComboFix2.txt 2012-07-24 14:44
.
Vor Suchlauf: 10 Verzeichnis(se), 963.398.397.952 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 963.956.768.768 Bytes frei
.
- - End Of File - - 082BB87531C2AE96319B7B831AADDE33
Hier Add-Remove Programs.txt Code:
Adobe Reader X (10.1.3) - Deutsch
Avira Free Antivirus
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Fraps
Java Auto Updater
Java(TM) 7 Update 5
JavaFX 2.1.1
Malwarebytes Anti-Malware Version 1.62.0.1300
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 14.0.1 (x86 de)
Mozilla Maintenance Service
Notepad++
PDFCreator
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.2
Hab mir den Log angesehen. Das Programm sucht ja nur auf C, was wenig sinnvoll ist wenn das beschädigte System auf F liegt.
Hab mir also gedacht vielleicht klappt das ganze auf dem Laptop auch indem ich die ComboFix.exe auf die Laptopfestplatte kopiere. Hab es unter (LaptopHDD) also F:\Users\Schöller\Desktop abgelegt. Anschließen HDD in den Laptop rein und den Rechner gestartet. Nach dem Start habe ich den Taskmanager gestartet und bin unter Prozesse auf alle Prozesse anzeigen gegangen, damit der Taskmanager unter Admin läuft. Hab dan anschließend über NeuerTask eine cmd-Shell gestartet und den Befehl "firewall.cpl" eingegeben. Hab in dem Neuen Fenster die Windows-Firewall deaktiviert. Anschließend habe ich wieder über Neuer Task "explorer.exe" aufgerufen und bin auf "C:\Programme\Avira\Antivier Desktop" gegangen, habe dort "avcenter.exe" ausgeführt und den AntivierGuard deaktiviert.
Jetzt bin ich wieder auf "Neuer Task" und habe die unter "C:\Users\Schöller\Desktop\ComboFix.exe" ausgewählt. Bevor ich auf OK geklickt habe hab ich noch "Diese Aufgabe mit Administrationsrechten erstellen." angehackt und hab dann die ComboFix.exe laut Anleitung durchlaufen lassen. Nach dem automatischen Neustart öffnet sich jedoch das ComboFix Fenster nicht mehr, so wie es beim Standrechner war und ich kann auch nirgends eins der zwei Logfiles finden. Der Ordner Qoobox ist aber vorhanden.
Hab anschließend einen Neustart gemacht Wieder den AviraGuard deaktiviert und dieses mal habe ich "Neuer Task" explorer.exe aufgerufen und das ComboFix.exe aus dem Explorer mittels Rechtsklick "Als Administrator ausführen" gestartet. Nach dem Neustart ist das ComboFix Fenster wieder nicht aufgegangen.
Hab dann nach einem weiteren Neustart mal adwcleaner auf die selbe Art laufen lassen. Habe nicht auf Delete geklickt. Hier der Log: Code:
# AdwCleaner v1.702 - Logfile created 07/24/2012 at 19:44:14
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Schöller - SCHÖLLER-PC
# Running from : C:\Users\Schöller\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\Schöller\AppData\Roaming\Mozilla\Firefox\Profiles\ru11u5hw.default\extensions\ffxtlbra@softonic.com
File Found : C:\Users\Schöller\AppData\Roaming\Mozilla\Firefox\Profiles\ru11u5hw.default\searchplugins\softonic.xml
***** [Registry] *****
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=10&cc=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=15&cc=
-\\ Mozilla Firefox v5.0.1 (de)
Profile name : default
File : C:\Users\Schöller\AppData\Roaming\Mozilla\Firefox\Profiles\ru11u5hw.default\prefs.js
Found : user_pref("browser.startup.homepage", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc=[...]
Found : user_pref("browser.search.selectedEngine", "Search the web (Softonic)");
Found : user_pref("keyword.URL", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q=");
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Schöller\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found : "name" : "Search the web (Softonic)",
Found : "search_url" : "hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=49&cc=",
Found : "homepage" : "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=48&cc=",
*************************
AdwCleaner[R1].txt - [2332 octets] - [24/07/2012 19:44:14]
########## EOF - C:\AdwCleaner[R1].txt - [2460 octets] ##########
Auserdem habe ich auch auf diese Art OTL mit einem Quick Scan laufen lassen.
OTL.txt Code:
OTL logfile created on: 24.07.2012 20:10:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Schöller\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,04 Gb Available Physical Memory | 76,07% Memory free
7,99 Gb Paging File | 6,86 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,23 Gb Total Space | 377,72 Gb Free Space | 83,52% Space Free | Partition Type: NTFS
Drive D: | 13,24 Gb Total Space | 2,21 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Computer Name: SCHÖLLER-PC | User Name: Schöller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.17 02:10:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Schöller\Desktop\OTL.exe
PRC - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009.07.24 19:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009.07.23 21:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009.07.23 12:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
========== Modules (No Company Name) ==========
MOD - [2009.07.24 19:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009.07.24 19:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009.07.24 19:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009.07.23 12:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.03.23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.02 20:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.03.02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2011.09.09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.09 05:42:04 | 000,428,200 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.03.23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2009.02.22 12:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.21 12:11:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.21 12:11:09 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.05.27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.09.22 03:47:14 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.07.21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.02 20:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.06.29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.05.23 08:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.09 02:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2009.05.05 07:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.04.29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.03.09 07:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_AT&c=94&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_AT&c=94&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3A9BC1E9-AED6-4CA0-91F2-B1E51CA4559B}
IE:64bit: - HKLM\..\SearchScopes\{3A9BC1E9-AED6-4CA0-91F2-B1E51CA4559B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
IE:64bit: - HKLM\..\SearchScopes\{669F9EBE-F244-45E5-A3FA-BADDDF680154}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE:64bit: - HKLM\..\SearchScopes\{7E61E34B-4E2D-4BE4-ABA2-BE66227B9C0F}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_AT&c=94&bd=Pavilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {3A9BC1E9-AED6-4CA0-91F2-B1E51CA4559B}
IE - HKLM\..\SearchScopes\{3A9BC1E9-AED6-4CA0-91F2-B1E51CA4559B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
IE - HKLM\..\SearchScopes\{669F9EBE-F244-45E5-A3FA-BADDDF680154}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKLM\..\SearchScopes\{7E61E34B-4E2D-4BE4-ABA2-BE66227B9C0F}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Schöller\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=10&cc=
IE - HKCU\..\SearchScopes,DefaultScope = {0925E80A-14E0-4CFC-B10C-075F401A1187}
IE - HKCU\..\SearchScopes\{0925E80A-14E0-4CFC-B10C-075F401A1187}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKCU\..\SearchScopes\{2D49EF8B-8198-4D5A-AF5A-01B68FB86FED}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{3A9BC1E9-AED6-4CA0-91F2-B1E51CA4559B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
IE - HKCU\..\SearchScopes\{669F9EBE-F244-45E5-A3FA-BADDDF680154}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
IE - HKCU\..\SearchScopes\{7E61E34B-4E2D-4BE4-ABA2-BE66227B9C0F}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\..\SearchScopes\{F22D8E9C-0C80-4BE6-BE4B-A0A7D19E8995}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-W1&o=100000080&src=crm&q={searchTerms}&locale=de_US&apn_ptnrs=JM&apn_dtid=YYYYYYYYAT&apn_uid=8e4b707f-3d0d-43d2-98a6-6a6bf1e12751&apn_sauid=480D4507-FBD1-4401-A014-F66B683C8EA8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.startup.homepage: "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=13&cc="
FF - prefs.js..browser.search.selectedEngine: "Search the web (Softonic)"
FF - prefs.js..keyword.URL: "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=2&cc=&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.13 16:13:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.08.13 16:13:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schöller\AppData\Roaming\mozilla\Extensions
[2012.03.19 09:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Schöller\AppData\Roaming\mozilla\Firefox\Profiles\ru11u5hw.default\extensions
[2012.03.19 09:20:24 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\Schöller\AppData\Roaming\mozilla\Firefox\Profiles\ru11u5hw.default\extensions\ffxtlbra@softonic.com
[2012.03.19 09:20:22 | 000,002,060 | ---- | M] () -- C:\Users\Schöller\AppData\Roaming\Mozilla\Firefox\Profiles\ru11u5hw.default\searchplugins\softonic.xml
[2011.08.13 16:13:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=48&cc=
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF29620.3XE (Microsoft Corporation)
O4 - HKLM..\Run: [nmhvslfrxxfxxfd] C:\ProgramData\nmhvslfrxxfxxfdosjca.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [nmhvslfrxxfxxfd] C:\ProgramData\nmhvslfrxxfxxfdosjca.exe File not found
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF29620.3XE (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-AT\local\search.html ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-AT\local\search.html ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35DF1C3F-D3AF-4C8E-8D86-909B8910FCDC}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer_new.exe) - File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.24 19:02:07 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.07.24 19:02:07 | 000,000,000 | ---D | C] -- C:\Users\Schöller\AppData\Local\temp
[2012.07.24 18:47:38 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.07.24 18:36:31 | 000,000,000 | ---D | C] -- C:\Users\Schöller\Desktop\Avira Antivir
[2012.07.24 18:36:28 | 017,825,480 | ---- | C] (pdfforge GbR) -- C:\Users\Schöller\Desktop\PDFCreator-1_3_2_setup.exe
[2012.07.24 18:36:28 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Schöller\Desktop\OTL.exe
[2012.07.24 18:36:26 | 000,000,000 | ---D | C] -- C:\Users\Schöller\Desktop\Malewarebytes
[2012.07.24 18:12:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.07.24 18:12:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.07.24 18:12:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.07.24 18:12:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.07.24 18:12:01 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.07.24 16:56:31 | 004,584,441 | R--- | C] (Swearware) -- C:\Users\Schöller\Desktop\ComboFix.exe
========== Files - Modified Within 30 Days ==========
[2012.07.24 19:49:16 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 19:49:16 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 19:46:04 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.24 19:46:04 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.24 19:46:04 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.24 19:46:04 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.24 19:46:04 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.24 19:41:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.24 19:41:40 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.24 18:34:14 | 000,000,809 | ---- | M] () -- C:\Users\Schöller\Desktop\ComboFix.exe - Verknüpfung.lnk
[2012.07.24 16:31:07 | 004,584,441 | R--- | M] (Swearware) -- C:\Users\Schöller\Desktop\ComboFix.exe
[2012.07.19 18:02:22 | 000,624,883 | ---- | M] () -- C:\Users\Schöller\Desktop\adwcleaner.exe
[2012.07.17 02:10:12 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Schöller\Desktop\OTL.exe
[2012.07.17 02:09:04 | 000,050,477 | ---- | M] () -- C:\Users\Schöller\Desktop\Defogger.exe
========== Files Created - No Company Name ==========
[2012.07.24 18:36:28 | 000,624,883 | ---- | C] () -- C:\Users\Schöller\Desktop\adwcleaner.exe
[2012.07.24 18:36:28 | 000,050,477 | ---- | C] () -- C:\Users\Schöller\Desktop\Defogger.exe
[2012.07.24 18:36:28 | 000,000,809 | ---- | C] () -- C:\Users\Schöller\Desktop\ComboFix.exe - Verknüpfung.lnk
[2012.07.24 18:12:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.07.24 18:12:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.07.24 18:12:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.07.24 18:12:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.07.24 18:12:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.05.27 12:29:35 | 000,000,448 | ---- | C] () -- C:\ProgramData\ajdozthneconpur
[2012.05.25 04:01:03 | 000,129,536 | ---- | C] () -- C:\Users\Schöller\AppData\Roaming\k8h00.exe
[2011.02.17 02:34:07 | 000,001,854 | ---- | C] () -- C:\Users\Schöller\AppData\Roaming\GhostObjGAFix.xml
[2009.12.12 21:41:30 | 000,000,224 | ---- | C] () -- C:\Users\Schöller\AppData\Roaming\wklnhst.dat
========== LOP Check ==========
[2009.12.12 21:41:31 | 000,000,000 | ---D | M] -- C:\Users\Schöller\AppData\Roaming\Template
[2012.05.05 19:59:40 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Extras.txt Code:
OTL Extras logfile created on: 24.07.2012 20:10:18 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Schöller\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,04 Gb Available Physical Memory | 76,07% Memory free
7,99 Gb Paging File | 6,86 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,23 Gb Total Space | 377,72 Gb Free Space | 83,52% Space Free | Partition Type: NTFS
Drive D: | 13,24 Gb Total Space | 2,21 Gb Free Space | 16,67% Space Free | Partition Type: NTFS
Computer Name: SCHÖLLER-PC | User Name: Schöller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1274E49D-7523-4B9A-A631-95FA2547B0EA}" = lport=139 | protocol=6 | dir=in | app=system |
"{24DF6CE4-6C34-4458-A41C-A5F6EA6E0CFA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2F4AD664-08A6-401A-9BDF-1295F52D9881}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{308129EF-0D96-4875-B25B-1E317B31BD6B}" = rport=139 | protocol=6 | dir=out | app=system |
"{309ED540-B357-4224-BF2D-EBE66B992D05}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B2283B6-92FD-4DA7-AE99-96D945227A2D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4732C770-692E-4144-809B-E6B02D4F616E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4C1E9C5D-535E-42DA-B690-4F389402D062}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{56CDD7B2-E430-44E5-B4B9-F6C6CF9B57A3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E2AB8FF-1F69-470A-AB0D-9CC7309F4C19}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{65E6434A-9AA1-49D3-9C3E-82D409D661CA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{68BBA92C-9E7B-48D1-B16D-AE7AFF21D211}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{725B7296-E68D-429E-AFCF-8DCF1F3319EA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7CD72E8F-6147-45AD-A601-FE0D6A51F1BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87EBCDF2-7F13-4A0A-BC9C-BC02F066A084}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C763DA2-549C-434B-87BE-8372F0338F17}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8D0A70CD-95B2-436B-8E45-8CD79345B3B5}" = rport=138 | protocol=17 | dir=out | app=system |
"{92ABC8E3-9FE6-4103-8B42-7BDCAD9ECD38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A459EADE-3E26-41BD-B824-9C5BF213F5E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{ABFCD99E-482C-46FC-9E49-8E1C3BB179A3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC8BFA8B-571C-490E-BEA7-34FE16A73D79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6ACCEF1-DD28-4BA9-A402-3FA622391385}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDBCEC6B-BEB8-4A29-BB40-2EB0039CDBC8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{C07B30CF-0583-4ACD-B789-71574F4F5B32}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7C1FF93-866B-45A8-8E52-D77F51102367}" = rport=137 | protocol=17 | dir=out | app=system |
"{CC45C4BE-03E7-4FCA-9AA6-9D6B2804DAED}" = lport=137 | protocol=17 | dir=in | app=system |
"{D3D131A0-9052-4748-9CD0-EEF5E2CEDC9D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5318AB9-BA26-4FF4-96B8-DDEE3C7E52FA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DCC636FE-14B0-4953-802C-66A68BD3B29A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E5A35A7A-163D-40D9-ACC3-E299ACA84093}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E6AC5A22-3991-4260-84FC-BE618BA555A9}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA0F04D0-4FF8-4469-92A5-4BA5D8D9E372}" = rport=445 | protocol=6 | dir=out | app=system |
"{FDA8B9AF-D761-4218-8E3B-7A874DF2CE50}" = lport=445 | protocol=6 | dir=in | app=system |
"{FDC98435-732E-4ACE-9959-AB52C73AFA68}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0760CE14-99A7-44A5-A884-72B5EA081E9E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{07CCC26A-9D3B-4BFC-8241-BFE8194D01BA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{1512AC95-D559-4F55-8226-E081F7D227E6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1521CF27-0C4B-481E-BFB0-A3B350285CDD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{20210D77-52C9-4214-AB5F-64D230A9963F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{222F7D4F-EDC7-436D-B886-97B46663C962}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{2D02385F-DD2D-4138-9A8B-2C6D8892ED0A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{39F89D0F-6AD0-4E81-A862-9B4784DE2156}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3D510862-C388-45E5-949F-5BC258AB6A06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qp.exe |
"{49CD750D-D603-4BA1-8F88-80E85E45870F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{4C647ACF-D34C-4262-9ED3-29EA4678A4FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F5E3897-AF9C-44D0-A6CA-A44021CA9BEF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{54FBB541-7C24-4597-9F5C-C1E04816623E}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{59D7EEF3-2352-4D05-9ABD-08D2245A469A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{5C17EC10-8C0D-4868-A018-D6437DBEF007}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5FA85AD0-1C79-4BD8-8229-64760C775F7D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{627EA16A-63E6-4870-A992-4EA057E5557B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{6EA6AD43-19CD-48B4-9687-DA371E066A9C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{72FC1F19-7437-4EEF-922D-DBE5A59328D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79B89C39-F1CC-464F-84B8-FB04E4AFB33B}" = protocol=6 | dir=out | app=system |
"{886851A4-D505-4832-AB69-A8A17FA48A0B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9874E8EB-8C21-481C-BA69-5C0DC277ABF8}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{9F5B2596-E356-4E5A-99C7-9553A76045E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A1621C5F-C06C-4DBC-BE59-EEA77B0FF70C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2D1588A-2A1F-4685-B52C-1780D8D62B76}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ABAEB175-E059-4991-9597-1DF36495ADE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C03DB647-40BF-4AC6-8ED4-13BD81F499F8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C325E38F-0121-4579-A00A-BF069C83795C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1719EEC-F365-493B-B9FE-4F10FF830B38}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{D22D51E2-2AD1-4A96-A7BA-CB3B4504406E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D4E4E98B-E370-48A0-89C6-EACFB3346AAB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DDFB874F-CA3D-41CD-A25E-D80ECB8CE55C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{E0377C01-5B28-43F0-817E-08538CF8386B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{ECBFCB92-A195-4EF0-96FD-44DC28E8E7A5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{EFBCAAFA-DC00-475A-AC9A-C7285FA81612}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{F36C2B93-A1FE-4DB7-98A4-10EFC0781FD9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F76CF122-C534-4A14-8356-F6073EBF5FB9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FA414F6C-98A3-488D-8B0B-A1045B13823B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FD9DC3FD-BC98-4DF0-8F7E-7D706D1E2884}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\live tv\qpservice.exe |
"{FEDB36F4-1784-4EC9-923C-D7A3EF47177C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{BB0F0DE7-DEBA-40DC-9094-E50046742BA2}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{CCD059B9-6ACF-4463-B329-3FD0792C81BE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C47240C-016E-03B5-D13E-AECAED09F2E3}" = ATI Catalyst Install Manager
"{7FD7F421-39B2-4CAC-BC41-7D83DDBAB329}" = HP 3D DriveGuard
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADEB3402-CFBD-00E2-0EE6-F6A3F1AFACF0}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{09CC0D0E-061D-3C7B-3881-D2EB53A8AAFC}" = CCC Help Polish
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26606D8F-3133-DBE2-8AF5-AB28F300860A}" = CCC Help Chinese Standard
"{266D0EEA-E5A6-4A08-A0EE-5391D4EA44A7}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2EBA8202-FBD5-4004-81EA-BDC38C054CE2}" = HP User Guides 0153
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{33C17B75-EA9C-0687-9CED-03D92637B042}" = CCC Help Hungarian
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FBDB7B8-7472-E895-2E5D-99D190B2D1B6}" = Catalyst Control Center InstallProxy
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant
"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{546937C5-0529-333E-0D5E-FE3C53108806}" = CCC Help Japanese
"{55C70B62-5EF1-D527-7CAB-E50D8B3B4990}" = Catalyst Control Center Graphics Full New
"{577ED77E-25D9-1A76-4EF0-773B9C173758}" = CCC Help Portuguese
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5DB4EA68-A509-D408-585C-C9D045FADF72}" = Catalyst Control Center Graphics Previews Vista
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{6D335F78-1F4F-7826-56DD-4F350EA6EADD}" = CCC Help Greek
"{6EF04EAE-0354-9919-E757-F1203E6F422B}" = CCC Help Italian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7028B245-30A2-BD8C-31B9-6008216FBDC2}" = CCC Help French
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779D3256-84D0-936F-18F9-A154DC85B4B4}" = Catalyst Control Center Localization All
"{7F4DA5B8-6884-47F2-AEBA-D9111E420C63}" = CCC Help Danish
"{7F9A8D27-A1B9-164F-FCB1-0B64C88629CF}" = CCC Help Norwegian
"{803263F7-8CAC-DC6D-3288-8128865A7472}" = CCC Help German
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC47AA0-5774-61FC-6A59-7E1C936DB753}" = ccc-core-static
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}" = Windows Live Essentials
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A28867B-109A-5BBF-85C0-FC1BAA98CA1C}" = CCC Help Russian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8BCC9E4-9036-3029-F2BC-AA73A62DA73D}" = CCC Help Turkish
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B5C746E6-D961-445C-3768-5B6FAF6A1A31}" = CCC Help Spanish
"{C0769946-2CF1-9E8D-009B-5C413B3F01D1}" = CCC Help Czech
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4F7EEE5-3D99-8552-7483-B2F412838B2A}" = Catalyst Control Center Graphics Previews Common
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D4C41D27-A2D5-94C6-1D08-3D470A12EAF0}" = CCC Help Swedish
"{D9D6A848-1BFD-592B-5F9D-0BA8692FDF0B}" = CCC Help Finnish
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DCD91C2F-3A86-B328-59A0-5EED6190D983}" = Catalyst Control Center Graphics Full Existing
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E5F5CAA5-84ED-DE41-40D0-8926FE7E5F4D}" = Catalyst Control Center Graphics Light
"{E6CE345D-BF83-1242-9E4D-3D60A5036D87}" = CCC Help English
"{EC155897-712F-5637-A5DA-6C7CE7CB5521}" = CCC Help Korean
"{F0580F64-44A1-C607-9364-887912B74F4D}" = CCC Help Thai
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F3F9A4E5-CD9F-4657-CF99-5CE3F7729909}" = Catalyst Control Center Core Implementation
"{F5B1D41A-05B9-98E2-C350-E69D4A444CB4}" = CCC Help Chinese Traditional
"{FCF0F615-6E70-B949-028F-88D32C55C2BC}" = CCC Help Dutch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Toolbar" = AOL Toolbar 5.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EasyBits Magic Desktop" = Magic Desktop
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07.02.2011 12:07:37 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2011 12:08:15 | Computer Name = Schöller-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16700,
Zeitstempel: 0x4cd23213 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xd48 Startzeit der fehlerhaften Anwendung: 0x01cbc6e12d0c8c6d Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 77cfaed6-32d4-11e0-b5a3-00269e7dd7fd
Error - 07.02.2011 13:34:05 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 07.02.2011 13:34:05 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 01:09:15 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 01:09:15 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 01:17:18 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 01:17:18 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 12:09:56 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 08.02.2011 12:09:56 | Computer Name = Schöller-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ Hewlett-Packard Events ]
Error - 24.07.2012 11:40:57 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 11:50:31 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 11:50:32 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 12:29:45 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 12:29:46 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 12:45:58 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 12:46:01 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 13:05:46 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 13:05:48 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
Error - 24.07.2012 13:44:21 | Computer Name = Schöller-PC | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 bei System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) bei System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) bei System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) bei System.Activator.CreateInstance(Type
type, Boolean nonPublic) bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
bei System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)
bei System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)
bei System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) bei System.Activator.CreateInstance(Type type, Boolean nonPublic)
bei HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib
Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: de-DE RAM: 4092 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)
[ Media Center Events ]
Error - 06.12.2009 14:58:35 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 19:58:35 - Fehler beim Herstellen der Internetverbindung. 19:58:35
- Serververbindung konnte nicht hergestellt werden..
Error - 07.12.2009 01:41:57 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 06:41:57 - Fehler beim Herstellen der Internetverbindung. 06:41:57
- Serververbindung konnte nicht hergestellt werden..
Error - 08.12.2009 00:41:35 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 05:41:30 - Broadband konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 13.12.2009 00:05:17 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 05:05:15 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
Error - 14.12.2009 13:35:00 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 18:35:00 - Fehler beim Herstellen der Internetverbindung. 18:35:00
- Serververbindung konnte nicht hergestellt werden..
Error - 17.12.2009 03:09:49 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 08:09:41 - Broadband konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 18.12.2009 05:40:10 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 10:40:06 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung
mit dem Remoteserver kann nicht hergestellt werden.)
Error - 18.12.2009 06:43:40 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 11:43:39 - Broadband konnte nicht abgerufen werden (Fehler: Invalid
security token.)
Error - 27.12.2009 04:59:00 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 09:59:00 - ClientUpdate konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
Error - 27.12.2009 04:59:25 | Computer Name = Schöller-PC | Source = MCUpdate | ID = 0
Description = 09:59:25 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)
[ OSession Events ]
Error - 23.12.2011 14:30:34 | Computer Name = Schöller-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 25 seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 24.07.2012 12:12:19 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Easybits Shared Services for Windows" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 24.07.2012 12:19:45 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 24.07.2012 12:25:38 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 24.07.2012 12:26:54 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 24.07.2012 12:43:24 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 24.07.2012 12:46:17 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Easybits Shared Services for Windows" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 24.07.2012 12:56:57 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 24.07.2012 13:02:18 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 24.07.2012 13:03:11 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
Error - 24.07.2012 13:41:56 | Computer Name = Schöller-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Defender" wurde mit folgendem Fehler beendet:
%%126
< End of report >
Vielleicht können Sie mir mit dieser Information weiterhelfen und ich hoffe das ich nichts schlimmer gemacht habe als es schon ist.
Grüße Lukas |
