Vielen Dank für die schnelle Antwort :-)
Ich habe Deine Schritte befolgt und hier sind die Ergebnisse
Malwarebytes Anti-Rootkit log 1: Zitat:
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2012.12.11.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
hecklau :: HECKLAUJ02 [administrator]
11.12.2012 17:59:00
mbar-log-2012-12-11 (17-59-00).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31271
Time elapsed: 31 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 7
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserCompanion (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Delete on reboot.
Registry Values Detected: 6
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\BASE64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\CHROME|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\PROTOCOLS\HANDLER\PROX|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\BASE64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\CHROME|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\CLASSES\PROTOCOLS\HANDLER\PROX|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 4
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Delete on reboot.
Files Detected: 105
C:\Users\hecklau\AppData\Local\Temp\blabbers-ff-le.xpi (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\fix3.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\fix4.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\0984d4fababb5d92394dc5b39b700075_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\1bb25568f8455e74906142466f792c87_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\253712f62fa354f36c490a3f42ba9bfc_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\286965653b415f505622ea74d2bd3bbe_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\b3688636ecfdc491aea728939c15f43e_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\62cce7d26ab5636bceb113b988d56c59_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6d4100dc97e9abad47303e5e0d38b2b6_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\897979c67bed116efad1a04f5f229ecd_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\92014bb7f6462cb491e652ca4941f1d2 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\92014bb7f6462cb491e652ca4941f1d2_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\d965aead622233a60676ef2349956f38_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\ddedfe6ede02f148caf19a2dec7f877d_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e3cd5b2c64ca319aadec7c28c6c6feba_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e6c109bf52ef89fe99f9a9379617ab0e_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2 (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2_expire (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE (PUP.Blabbers) -> Delete on reboot.
C:\Users\hecklau\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Delete on reboot.
(end)
| Malwarebytes Anti-Rootkit log 2: Zitat:
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2012.12.12.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
hecklau :: HECKLAUJ02 [administrator]
12.12.2012 11:17:08
mbar-log-2012-12-12 (11-17-08).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31058
Time elapsed: 16 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
OTL Logfile: Code:
OTL logfile created on: 12.12.2012 11:26:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hecklau\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,88 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,93% Memory free
15,77 Gb Paging File | 13,47 Gb Available in Paging File | 85,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 75,00 Gb Total Space | 16,63 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive D: | 222,99 Gb Total Space | 76,60 Gb Free Space | 34,35% Space Free | Partition Type: NTFS
Drive G: | 111,57 Gb Total Space | 32,07 Gb Free Space | 28,75% Space Free | Partition Type: NTFS
Drive H: | 117,19 Gb Total Space | 12,72 Gb Free Space | 10,86% Space Free | Partition Type: NTFS
Drive I: | 546,48 Gb Total Space | 60,72 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
Drive K: | 279,37 Gb Total Space | 25,38 Gb Free Space | 9,08% Space Free | Partition Type: NTFS
Drive M: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive N: | 546,48 Gb Total Space | 60,72 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
Drive O: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive P: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive Q: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive R: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive S: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive T: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive U: | 136,62 Gb Total Space | 42,07 Gb Free Space | 30,79% Space Free | Partition Type: NTFS
Computer Name: HECKLAUJ02 | User Name: hecklau | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found
PRC - C:\Users\hecklau\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\hecklau\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - D:\Programme\Synergy\synergys.exe ()
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - D:\Programme\VMware\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - D:\Programme\Software4u\iPhone Explorer\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.)
PRC - d:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - d:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - D:\Programme\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies)
PRC - D:\Programme\CheckPoint\Endpoint Connect\TrGUI.exe (Check Point Software Technologies)
PRC - D:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\SwyxIt!\ODialer.exe (Swyx Solutions)
PRC - C:\Program Files (x86)\SwyxIt!\CLMgr.exe (Swyx Solutions)
PRC - C:\Program Files (x86)\SwyxIt!\SwyxIt!.exe (Swyx Solutions)
PRC - D:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Users\hecklau\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
MOD - D:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\IpPbxCDSSharedLib\6.20.0.430__cf78dfa0a74454f8\IpPbxCDSSharedLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Xceed.Compression\3.7.8113.16100__ba83ff368b7563c6\Xceed.Compression.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\IpPbxWin32\1.0.0.2__cf78dfa0a74454f8\IpPbxWin32.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\IpPbxTracing\1.0.0.0__cf78dfa0a74454f8\IpPbxTracing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.Web.Services3\3.0.0.0__31bf3856ad364e35\Microsoft.Web.Services3.dll ()
MOD - D:\Programme\Software4u\iPhone Explorer\Software4u.IPhoneLib.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - D:\Programme\CheckPoint\Endpoint Connect\imageformats\qgif4.dll ()
MOD - D:\Programme\CheckPoint\Endpoint Connect\QtGui4.dll ()
MOD - D:\Programme\CheckPoint\Endpoint Connect\QtCore4.dll ()
MOD - C:\Program Files (x86)\SwyxIt!\SPLicense.dll ()
MOD - C:\Program Files (x86)\SwyxIt!\PlantronicsDeviceEventSink.dll ()
MOD - C:\Program Files (x86)\SwyxIt!\IpPbxCDSClientLib.XmlSerializers.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Configuration.resources.dll ()
========== Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (rpcnet) -- C:\Windows\SysWOW64\rpcnet.exe (Absolute Software Corp.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Synergy Server) -- D:\Programme\Synergy\synergys.exe ()
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\Programme\VMware\vmware-authd.exe (VMware, Inc.)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (VmbService) -- D:\Programme\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (tmlisten) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe (Trend Micro Inc.)
SRV - (ntrtscan) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe (Trend Micro Inc.)
SRV - (MSSQLSERVER) -- d:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQL$TEST) -- d:\Programme\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (TracSrvWrapper) -- D:\Programme\CheckPoint\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies)
SRV - (TmProxy) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.)
SRV - (CVPND) -- D:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (TmFilter) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys (Trend Micro Inc.)
DRV - (TmPreFilter) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys (Trend Micro Inc.)
DRV - (VSApiNt) -- C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys (Trend Micro Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\..\SearchScopes,DefaultScope = {4327FABE-3C22-4689-8DBF-D226CF777FE9}
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Plus! Network"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledAddons: coralietab@mozdev.org:2.04.20110724
FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:4.1
FF - prefs.js..extensions.enabledAddons: {dc572301-7619-498c-a57d-39143191b318}:0.4.0.3.1
FF - prefs.js..extensions.enabledAddons: bbrs_002@blabbers.com:1.0.5
FF - prefs.js..extensions.enabledAddons: ffe_ff3aeroff4@game-point.net:2.0.1
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:3.6.2
FF - prefs.js..extensions.enabledItems: coralietab@mozdev.org:2.04.20110724
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.7
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
FF - prefs.js..extensions.enabledItems: {269e35b1-cdde-11de-8a39-0800200c9a67}:0.3.3
FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2
FF - prefs.js..keyword.URL: "hxxp://www.searchplusnetwork.com/?sp=vit4&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: D:\Programme\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.04.13 15:05:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 12:06:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Programme\Mozilla Firefox\components [2012.06.22 08:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins [2012.08.16 07:53:23 | 000,000,000 | ---D | M]
[2012.04.10 14:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\Extensions
[2012.12.03 17:52:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions
[2012.04.13 14:56:28 | 000,000,000 | ---D | M] (MacOSX Theme) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2012.04.13 14:55:39 | 000,000,000 | ---D | M] (Netfox) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\{269e35b1-cdde-11de-8a39-0800200c9a67}
[2012.07.31 08:56:25 | 000,000,000 | ---D | M] (FT GraphiteGlow) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}
[2012.08.22 17:07:46 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com
[2012.04.13 14:45:52 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\coralietab@mozdev.org
[2012.11.23 17:33:41 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\hecklau\AppData\Roaming\mozilla\Firefox\Profiles\g33a8ykm.default\extensions\foxyproxy@eric.h.jung
[2012.07.31 08:53:18 | 000,827,050 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\ffe_ff3aeroff4@game-point.net.xpi
[2012.12.03 17:52:24 | 000,710,866 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012.12.02 11:26:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire
[2012.12.11 11:59:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire
[2012.12.11 11:59:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire
[2012.12.12 10:53:46 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire
[2012.12.10 11:38:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire
[2012.10.22 11:04:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire
[2012.12.12 11:17:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire
[2012.12.11 11:59:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire
[2012.11.27 10:49:31 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire
[2012.11.21 13:55:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\92014bb7f6462cb491e652ca4941f1d2_expire
[2012.12.12 10:53:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire
[2012.12.11 11:59:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire
[2012.12.11 11:59:54 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire
[2012.10.30 10:26:43 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire
[2012.10.29 09:16:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire
[2012.12.11 11:59:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d89bfd841403290d610bcf662008b443_expire
[2012.10.30 09:03:20 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\df4525cd4117d8ae1c7453b139759242_expire
[2012.11.20 10:44:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e72174145ae7671ff95578a2089c26b2_expire
[2012.12.11 11:59:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire
[2012.11.20 10:44:00 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire
[2012.10.22 11:04:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire
[2012.12.11 11:59:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire
[2012.12.10 11:38:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire
[2012.12.10 11:38:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire
[2012.08.22 17:07:46 | 000,002,792 | ---- | M] () -- C:\Users\hecklau\AppData\Roaming\mozilla\firefox\profiles\g33a8ykm.default\searchplugins\Plusnetwork.xml
[2012.03.29 09:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.29 09:05:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.07.30 10:53:24 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2012.03.13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.13 06:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.13 06:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.13 06:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.13 06:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.13 06:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.13 06:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Check Point Endpoint Security] D:\Programme\CheckPoint\Endpoint Connect\TrGUI.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [MobileBroadband] D:\Programme\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Synergy] D:/Programme/Synergy/synergy.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1601906125-279381933-2032345518-14107..\Run: [DAEMON Tools Lite] D:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1601906125-279381933-2032345518-14107..\Run: [iPhone Explorer Launcher] D:\Programme\Software4u\iPhone Explorer\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
O4 - HKU\S-1-5-21-68118334-1497826446-2629867153-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Users\hecklau\Desktop\mbar-1.01.0.1011\mbar\mbar.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-68118334-1497826446-2629867153-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\hecklau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\hecklau\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Markierte Rufnummer/URI wählen - C:\Program Files (x86)\SwyxIt!\IEDial.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: SwyxIt! Wählhilfe - {F8E553C6-4C00-11D3-80BC-00105A653379} - C:\Program Files (x86)\SwyxIt!\IEDial.htm ()
O9 - Extra 'Tools' menuitem : SwyxIt! Wählhilfe - {F8E553C6-4C00-11D3-80BC-00105A653379} - C:\Program Files (x86)\SwyxIt!\IEDial.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1601906125-279381933-2032345518-14107\..Trusted Ranges: Range1 ([https] in Vertrauenswürdige Sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C861B75F-EE32-4AA4-B610-281AF26A8D1C} https://vpn.seeburger.de/+CSCOL+/cscopf.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC679CB8-DC4B-458B-B817-D447B3B6AC31} https://213.211.239.30/CACHE/stc/1/binaries/vpnweb.cab (Cisco AnyConnect Secure Mobility Client Web Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.66 10.0.0.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = seeburger.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93D81343-5FB2-474E-952F-9970D57B7C90}: DhcpNameServer = 10.0.0.66 10.0.0.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9452D8E-37B4-4949-8D4A-C998A832E352}: DhcpNameServer = 139.7.30.126 139.7.30.125
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.17 16:15:47 | 000,000,000 | ---D | M] - N:\Automotive -- [ NTFS ]
O32 - AutoRun File - [2012.03.14 14:19:37 | 000,000,000 | ---D | M] - O:\Automotive -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.12 11:20:20 | 015,728,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.12.12 09:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012.12.12 09:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2012.12.12 09:37:36 | 000,000,000 | ---D | C] -- C:\Windows\{69093D49-3DD1-4FB5-A378-0D4DB4CF86EA}
[2012.12.11 17:37:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\hecklau\Desktop\OTL.exe
[2012.12.11 17:26:24 | 000,000,000 | ---D | C] -- C:\Users\hecklau\Desktop\mbar-1.01.0.1011
[2012.12.10 14:45:38 | 000,000,000 | ---D | C] -- C:\Users\hecklau\AppData\Roaming\Malwarebytes
[2012.12.10 14:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.10 14:45:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.10 14:45:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.30 15:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.11.30 15:49:57 | 000,000,000 | ---D | C] -- C:\Users\hecklau\AppData\Local\Google
[2012.11.30 15:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.11.16 17:45:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.16 17:45:07 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.16 17:45:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.16 17:45:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.16 17:45:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.16 17:45:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.16 09:30:38 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.16 09:30:24 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.16 09:30:23 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.16 09:30:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.16 09:30:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.14 12:11:16 | 000,000,000 | ---D | C] -- C:\Users\hecklau\flexdock
[2012.11.14 11:54:45 | 000,000,000 | ---D | C] -- C:\Users\hecklau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JasperSoft
[2012.11.14 11:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JasperSoft
[2012.11.13 13:07:39 | 000,000,000 | ---D | C] -- C:\Users\hecklau\.netbeans
[2012.11.13 13:07:37 | 000,000,000 | ---D | C] -- C:\Users\hecklau\.ireport
[2012.11.13 13:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jaspersoft
[2012.11.13 12:36:44 | 000,000,000 | ---D | C] -- C:\Users\hecklau\.xmldog
[2012.11.13 11:48:17 | 000,000,000 | ---D | C] -- C:\Users\hecklau\.easyxmleditor
[2012.11.13 11:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy XML Editor
[2012.11.13 11:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy XML Editor
[2012.11.13 11:43:00 | 000,000,000 | ---D | C] -- C:\Users\hecklau\Application Data
[2012.11.13 11:35:40 | 000,000,000 | ---D | C] -- C:\Office Samples
[2012.11.13 11:25:46 | 000,000,000 | ---D | C] -- C:\Users\hecklau\AppData\Roaming\com.oxygenxml
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.12 11:20:29 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.12 11:20:27 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.12.12 11:20:27 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.12.12 11:20:20 | 015,728,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012.12.12 11:17:27 | 000,010,531 | ---- | M] () -- C:\Windows\uedit32.INI
[2012.12.12 10:59:53 | 000,000,143 | RHS- | M] () -- C:\ProgramData\3002.xml
[2012.12.12 10:59:51 | 000,008,906 | ---- | M] () -- C:\Windows\cfgall.ini
[2012.12.12 10:57:47 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.12 10:57:17 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2012.12.12 10:57:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.12 10:56:55 | 2053,844,991 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.12 10:55:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.12 10:40:59 | 000,002,450 | -H-- | M] () -- C:\Users\hecklau\Documents\Default.rdp
[2012.12.11 17:37:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\hecklau\Desktop\OTL.exe
[2012.12.11 17:25:39 | 013,485,902 | ---- | M] () -- C:\Users\hecklau\Desktop\mbar-1.01.0.1011.zip
[2012.12.11 16:45:11 | 000,003,333 | ---- | M] () -- C:\Users\hecklau\Desktop\Netviewer_Support_Sessions_2041060.csv
[2012.12.11 15:14:58 | 053,599,515 | ---- | M] () -- C:\Users\hecklau\Desktop\2012_12_11 14_39_32_865.nvl
[2012.12.11 14:36:25 | 035,966,137 | ---- | M] () -- C:\Users\hecklau\Desktop\2012_12_11 14_09_40_451.nvl
[2012.12.10 14:45:34 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.21 09:24:02 | 000,002,052 | RHS- | M] () -- C:\Users\hecklau\ntuser.pol
[2012.11.16 15:34:09 | 000,001,344 | ---- | M] () -- C:\Users\hecklau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2012.11.14 16:15:10 | 725,052,523 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.14 12:43:41 | 000,001,268 | ---- | M] () -- C:\Users\Public\Desktop\iReport-4.7.0.lnk
[2012.11.14 11:54:45 | 000,001,186 | ---- | M] () -- C:\Users\hecklau\Desktop\iReport-2.0.2.lnk
[2012.11.13 11:48:13 | 000,001,085 | ---- | M] () -- C:\Users\hecklau\Desktop\Easy XML Editor.lnk
[2012.11.13 11:48:13 | 000,001,053 | ---- | M] () -- C:\Users\hecklau\Desktop\XML Dog.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.11 17:26:15 | 013,485,902 | ---- | C] () -- C:\Users\hecklau\Desktop\mbar-1.01.0.1011.zip
[2012.12.11 14:39:32 | 053,599,515 | ---- | C] () -- C:\Users\hecklau\Desktop\2012_12_11 14_39_32_865.nvl
[2012.12.11 14:09:40 | 035,966,137 | ---- | C] () -- C:\Users\hecklau\Desktop\2012_12_11 14_09_40_451.nvl
[2012.12.10 14:45:34 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.30 15:50:12 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.30 15:50:08 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.19 13:50:05 | 000,003,333 | ---- | C] () -- C:\Users\hecklau\Desktop\Netviewer_Support_Sessions_2041060.csv
[2012.11.14 12:43:41 | 000,001,268 | ---- | C] () -- C:\Users\Public\Desktop\iReport-4.7.0.lnk
[2012.11.14 11:54:45 | 000,001,186 | ---- | C] () -- C:\Users\hecklau\Desktop\iReport-2.0.2.lnk
[2012.11.13 11:48:13 | 000,001,085 | ---- | C] () -- C:\Users\hecklau\Desktop\Easy XML Editor.lnk
[2012.11.13 11:48:13 | 000,001,053 | ---- | C] () -- C:\Users\hecklau\Desktop\XML Dog.lnk
[2012.08.29 14:54:37 | 000,000,143 | RHS- | C] () -- C:\ProgramData\3002.xml
[2012.08.22 17:13:48 | 000,000,040 | ---- | C] () -- C:\Users\hecklau\AppData\Roaming\cdr.ini
[2012.06.07 14:33:40 | 000,007,610 | ---- | C] () -- C:\Users\hecklau\AppData\Local\Resmon.ResmonCfg
[2012.06.07 09:53:40 | 000,011,904 | RHS- | C] () -- C:\ProgramData\3002.abs
[2012.06.01 12:40:59 | 000,017,776 | ---- | C] () -- C:\Windows\EvtMessage.dll
[2012.05.30 11:39:21 | 000,129,024 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012.05.30 11:39:20 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2012.05.14 15:14:50 | 000,010,531 | ---- | C] () -- C:\Windows\uedit32.INI
[2012.04.11 07:57:45 | 001,984,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.10 13:47:15 | 000,002,052 | RHS- | C] () -- C:\Users\hecklau\ntuser.pol
[2012.03.29 09:25:13 | 000,008,906 | ---- | C] () -- C:\Windows\cfgall.ini
[2012.03.29 08:52:57 | 000,002,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.03.28 07:17:40 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012.03.28 07:16:28 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012.01.31 15:07:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.01.31 15:07:52 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.01.31 15:07:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.01.31 15:07:47 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.01.31 15:07:44 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.04.18 14:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 12.12.2012 11:26:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\hecklau\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,88 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 74,93% Memory free
15,77 Gb Paging File | 13,47 Gb Available in Paging File | 85,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 75,00 Gb Total Space | 16,63 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
Drive D: | 222,99 Gb Total Space | 76,60 Gb Free Space | 34,35% Space Free | Partition Type: NTFS
Drive G: | 111,57 Gb Total Space | 32,07 Gb Free Space | 28,75% Space Free | Partition Type: NTFS
Drive H: | 117,19 Gb Total Space | 12,72 Gb Free Space | 10,86% Space Free | Partition Type: NTFS
Drive I: | 546,48 Gb Total Space | 60,72 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
Drive K: | 279,37 Gb Total Space | 25,38 Gb Free Space | 9,08% Space Free | Partition Type: NTFS
Drive M: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive N: | 546,48 Gb Total Space | 60,72 Gb Free Space | 11,11% Space Free | Partition Type: NTFS
Drive O: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive P: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive Q: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive R: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive S: | 950,00 Gb Total Space | 180,55 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
Drive T: | 546,48 Gb Total Space | 4,11 Gb Free Space | 0,75% Space Free | Partition Type: NTFS
Drive U: | 136,62 Gb Total Space | 42,07 Gb Free Space | 30,79% Space Free | Partition Type: NTFS
Computer Name: HECKLAUJ02 | User Name: hecklau | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.ini [@ = UltraEdit.ini] -- "F:\Laufwerk_C\Programme\UltraEdit\uedit32.exe" "%1"
.js [@ = UltraEdit.js] -- "F:\Laufwerk_C\Programme\UltraEdit\uedit32.exe" "%1"
.txt [@ = UltraEdit.txt] -- "F:\Laufwerk_C\Programme\UltraEdit\uedit32.exe" "%1"
[HKEY_USERS\S-1-5-21-1601906125-279381933-2032345518-14107\SOFTWARE\Classes\<extension>]
.html [@ = UltraEdit.html] -- D:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.)
.ini [@ = UltraEdit.ini] -- D:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.)
.js [@ = UltraEdit.js] -- D:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.)
.txt [@ = UltraEdit.txt] -- D:\Programme\UltraEdit\uedit32.exe (IDM Computer Solutions, Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12B8AAC5-74BD-4FFD-B4B6-15D83A4E300E}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{242F0E54-66A7-4083-A6E0-0A4FDAEFE02A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{374EDEEC-364D-4FB3-B2EF-05FC60DA7BF9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A72F364-A24C-429B-AD72-AA2BDA01DB8E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{6ABE42A5-EF7D-4130-8A77-5970912EDCC3}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |
"{6DAE7BB5-E532-49FD-B920-D0DED4EA2B00}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7268FED5-69B4-4049-816D-A00E2DCD3D4C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{91753AFC-026B-449D-AAB2-1E01420D02E5}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{92696278-762F-4920-AA4F-140C9421F7A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99C40EE6-88AC-4FB5-8F7C-16A52F9B1D67}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FD4EE6C-1FEC-42AD-BB1F-E6BFD0B73FA4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{CE1BB512-7F69-489F-A6D0-17D36892344F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F07A3A29-F034-4439-9A0F-DB32D3488CE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{27FF5BFF-B371-4BB7-8B6C-1D2458771557}" = dir=in | app=d:\programme\vmware\vmware-authd.exe |
"{37EFA396-7873-442A-BFB4-CC08BE195780}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{95C4F615-27CC-4EBB-A4AB-070D860BACF8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{97517721-36E3-4581-A1FF-351EFA4A98CA}" = dir=in | app=d:\programme\vmware\vmware-authd.exe |
"{BDBF5313-99C1-4995-B833-74B2AB55E1D2}" = dir=in | app=c:\program files (x86)\swyxit!\clmgr.exe |
"{D9F7CE9F-EF2E-49F3-9EE3-A458479E6FE4}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{E0EDF912-24F9-4333-A63E-BDE4C952B3A1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F4EF7853-CE52-4482-9759-CF4A8381DCA3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{F3A7B234-916C-4644-AD4D-8D077C9E009C}C:\users\hecklau\desktop\netviewer_support.exe" = protocol=6 | dir=in | app=c:\users\hecklau\desktop\netviewer_support.exe |
"UDP Query User{56C25906-C654-4E69-8260-2B9F2F6E7461}C:\users\hecklau\desktop\netviewer_support.exe" = protocol=17 | dir=in | app=c:\users\hecklau\desktop\netviewer_support.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{04566294-A6B6-4462-9721-031073EB3694}" = Dell Client System Update
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{291E2930-2240-11E2-BC84-B8AC6F98CCE3}" = Google Earth Plug-in
"{3AD96D37-7CAF-4295-A274-E403F1F38065}" = Tools für Microsoft SQL Server 2005
"{43B6667D-7520-4186-B05B-F5C0494C495D}" = UltraEdit-32
"{56B6B9B0-C23F-4680-9B06-D96FF8832FB2}" = Microsoft SQL Server 2005 (TEST)
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.STANDARD_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.STANDARD_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.STANDARD_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.STANDARD_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.STANDARD_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.STANDARD_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.STANDARD_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{92D194E7-AEF9-4A9E-8620-8F3AE712E3F7}" = Snagit 10.0.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{CF78AB2B-1CA0-42D2-A2F1-FDEBC7876EF0}" = Microsoft SQL Server 2005
"{D75B5A39-C686-421C-B2BE-FDF9574662E1}" = Cisco AnyConnect Secure Mobility Client
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{ECEA7878-2100-4525-915D-B09174E36971}" = Trend Micro OfficeScan Client
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f508ae38-2d20-413e-a55c-58c86661f045}" = Check Point Endpoint Security
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FDEC0704-D15E-4DB8-A624-2256DD4C65D7}" = Dell MFP Laser 3115cn Scanner-Treiber
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BIS Developer Studio_6.3.4" = SEEBURGER BIS Developer Studio 6.3.4
"BIS Process Designer_6.3.4" = SEEBURGER BIS Process Designer 6.3.4
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy XML Editor_is1" = Easy XML Editor 1.6.6
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"Free Window Registry Repair" = Free Window Registry Repair
"iReport-2.0.2.exe" = iReport 2.0.2
"iReport-4.7.0.exe" = iReport 4.7.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.STANDARD" = Microsoft Office Standard 2010
"ShareMouse_is1" = ShareMouse v1.0.86
"Spark 2.6.3.12555" = Spark 2.6.3.12555
"Spesoft Audio Converter_is1" = Spesoft Audio Converter 2.6
"Synergy" = Synergy
"TeamViewer 7" = TeamViewer 7
"The One Ring 3D Screensaver_is1" = The One Ring 3D Screensaver 1.0
"VLC media player" = VLC media player 2.0.1
"VMware_Player" = VMware Player
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1601906125-279381933-2032345518-14107\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.10.2012 12:00:36 | Computer Name = hecklauj02.seeburger.de | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3011
Error - 18.10.2012 12:00:37 | Computer Name = hecklauj02.seeburger.de | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 18.10.2012 12:00:37 | Computer Name = hecklauj02.seeburger.de | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4009
Error - 18.10.2012 12:00:37 | Computer Name = hecklauj02.seeburger.de | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009
Error - 19.10.2012 02:50:55 | Computer Name = hecklauj02.seeburger.de | Source = AutoEnrollment | ID = 6
Description =
Error - 19.10.2012 02:51:47 | Computer Name = hecklauj02.seeburger.de | Source = WinMgmt | ID = 10
Description =
Error - 19.10.2012 06:55:55 | Computer Name = hecklauj02.seeburger.de | Source = VmbService | ID = 0
Description = GetClient
Error - 19.10.2012 06:56:12 | Computer Name = hecklauj02.seeburger.de | Source = VmbService | ID = 0
Description = GetLoggedOnUser
Error - 22.10.2012 03:10:29 | Computer Name = hecklauj02.seeburger.de | Source = WinMgmt | ID = 10
Description =
Error - 23.10.2012 03:26:22 | Computer Name = hecklauj02.seeburger.de | Source = WinMgmt | ID = 10
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 12.12.2012 04:39:10 | Computer Name = hecklauj02.seeburger.de | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1084 NULL object. Cannot establish a connection at this time.
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1280 Invoked Function: WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description:
Eine vorhandene Verbindung wurde vom Remotehost geschlossen.
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp
Line:
1281 Invoked Function: WSARecv/WSARecvFrom Return Code: 0 (0x00000000) Description:
unknown
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp
Line:
873 Invoked Function: CSocketTransport::readSocket Return Code: -31522801 (0xFE1F000F)
Description:
SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line:
832 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31522801
(0xFE1F000F) Description: SOCKETTRANSPORT_ERROR_TRANSPORT_FAILURE
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\SocketTransport.cpp
Line:
1676 Invoked Function: WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene
Verbindung wurde vom Remotehost geschlossen.
Error - 12.12.2012 05:55:43 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522805
(0xFE1F000B) Description: SOCKETTRANSPORT_ERROR_WRITE
Error - 12.12.2012 05:57:40 | Computer Name = hecklauj02.seeburger.de | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 376 Invoked
Function: IRunnable::Run Return Code: -32047093 (0xFE17000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE
Error - 12.12.2012 05:59:47 | Computer Name = hecklauj02.seeburger.de | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4612
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Es sind keine
Daten mehr verfügbar.
Error - 12.12.2012 05:59:48 | Computer Name = hecklauj02.seeburger.de | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1084 NULL object. Cannot establish a connection at this time.
[ Media Center Events ]
Error - 07.06.2012 02:09:02 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 08:08:37 - Fehler beim Herstellen der Internetverbindung. 08:08:39
- Serververbindung konnte nicht hergestellt werden..
Error - 08.06.2012 03:10:35 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 09:10:35 - Fehler beim Herstellen der Internetverbindung. 09:10:35
- Serververbindung konnte nicht hergestellt werden..
Error - 08.06.2012 03:11:16 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 09:10:41 - Fehler beim Herstellen der Internetverbindung. 09:10:41
- Serververbindung konnte nicht hergestellt werden..
Error - 18.06.2012 01:55:13 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:55:13 - Fehler beim Herstellen der Internetverbindung. 07:55:13
- Serververbindung konnte nicht hergestellt werden..
Error - 18.06.2012 01:55:24 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:55:18 - Fehler beim Herstellen der Internetverbindung. 07:55:18
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 01:55:49 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:55:49 - Fehler beim Herstellen der Internetverbindung. 07:55:49
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 01:56:42 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:55:54 - Fehler beim Herstellen der Internetverbindung. 07:55:54
- Serververbindung konnte nicht hergestellt werden..
Error - 16.07.2012 01:35:49 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:35:49 - Fehler beim Herstellen der Internetverbindung. 07:35:49
- Serververbindung konnte nicht hergestellt werden..
Error - 16.07.2012 01:36:02 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:35:55 - Fehler beim Herstellen der Internetverbindung. 07:35:55
- Serververbindung konnte nicht hergestellt werden..
Error - 13.08.2012 01:43:04 | Computer Name = hecklauj02.seeburger.de | Source = MCUpdate | ID = 0
Description = 07:43:02 - Fehler beim Herstellen der Internetverbindung. 07:43:02
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 01.10.2012 03:47:25 | Computer Name = hecklauj02.seeburger.de | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 01.10.2012 04:01:28 | Computer Name = hecklauj02.seeburger.de | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 01.10.2012 05:56:42 | Computer Name = hecklauj02.seeburger.de | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem Domänencontroller
in der Domäne SUB aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann
zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das
Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller
der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator
in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine
sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Error - 01.10.2012 09:55:44 | Computer Name = hecklauj02.seeburger.de | Source = Service Control Manager | ID = 7034
Description = Dienst "Synergy Server" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 02.10.2012 02:03:35 | Computer Name = hecklauj02.seeburger.de | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem Domänencontroller
in der Domäne SUB aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann
zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das
Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller
der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator
in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine
sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Error - 02.10.2012 02:03:39 | Computer Name = hecklauj02.seeburger.de | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 02.10.2012 02:04:17 | Computer Name = hecklauj02.seeburger.de | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 02.10.2012 02:05:07 | Computer Name = hecklauj02.seeburger.de | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Browser erreicht.
Error - 02.10.2012 02:05:17 | Computer Name = hecklauj02.seeburger.de | Source = DCOM | ID = 10016
Description =
Error - 02.10.2012 02:07:17 | Computer Name = hecklauj02.seeburger.de | Source = Service Control Manager | ID = 7031
Description = Der Dienst "OfficeScan NT RealTime Scan" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000
Millisekunden durchgeführt: Neustart des Diensts.
< End of report >
--- --- --- |
