Habe um meinen PC zu schützen VIELE Schutzprogramme incl. Viren runtergeladen :-( Hallo! Erst mal möchte ich den Betreibern dieser HP herzlich danken, dass es sie gibt und dass sie tun, was sie hier tun. Ohne euch wäre ich jetzt wahrscheinlich völlig aufgeschmissen, also DANKE! Zu meinem Problem: Mein Laptop wurde immer langsamer und ich habe gelegentlich Fehlermeldungen bezgl. "System32" bekommen, mit denen ich nichts anfangen konnte. Ich habe das gegoogelt und bin auf diverse kostenlose Schutzprogramme gestoßen. Ich habe einige (4-5) davon herunter geladen und immer wurden zahlreiche Registry-Fehler gefunden. Aber jedesmal, wenn ich die bereinigen wollte, hätte ich bezahlen müssen. Soviel zu Freeware. Alle diese Programme habe ich inzwischen wieder deinstalliert. Was jedoch kostenfrei war, waren diverse Viren, Trojaner oder was weiß ich, denn inzwischen spinnt mein Rechner total: - er ist sehr langsam (auch bei World und Excel) - andauernd habe ich andere Suchmaschinen und Toolbars auf - sonst zuverlässige Programme funktionieren nicht mehr oder nur sehr schlecht - die Datenverbindung ist sehr oft sehr gestört oder nicht möglich Irgendwann bin ich auf diese Seite hier gestoßen, weil ich die Seriennummer für "Advanced System Protector" gesucht hab. Ich habe den Threat "http://www.trojaner-board.de/132944-...loeschen.html" gefunden und alle Schritte befolgt und am Ende gesehen, dass das falsch war. :-( Danach hab ich mich hier registriert und bin alle Schritte von eurer Checkliste durchgegangen. Dabei gab es aber diverse Probleme bzw. Abweichungen: - Schritt 1 (defogger) ging noch ohne Probleme - Schritt 2 (OTL) auch noch OTL.txt: OTL logfile created on: 29.05.2013 10:29:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\clk\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,42 Mb Total Physical Memory | 470,03 Mb Available Physical Memory | 45,93% Memory free 2,41 Gb Paging File | 1,88 Gb Available in Paging File | 78,04% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,33 Gb Total Space | 22,96 Gb Free Space | 30,90% Space Free | Partition Type: NTFS Computer Name: CK | User Name: clk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.29 10:29:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\clk\Eigene Dateien\Downloads\OTL (1).exe PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\HelperService.exe PRC - [2012.11.12 12:45:22 | 001,104,824 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.11.12 12:45:18 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe PRC - [2012.11.12 12:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe PRC - [2012.11.01 14:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Programme\Samsung\Kies\KiesAirMessage.exe PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.08.09 20:51:26 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.07.31 14:07:18 | 000,189,808 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe PRC - [2010.01.18 11:51:22 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\ezprint.exe PRC - [2010.01.18 11:51:20 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeemon.exe PRC - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe PRC - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeecoms.exe PRC - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe PRC - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe PRC - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe PRC - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.08.11 17:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe PRC - [2005.07.06 17:29:22 | 000,356,352 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSHIBA Applet\THotkey.exe PRC - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe PRC - [2005.05.13 11:01:30 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe PRC - [2005.04.12 10:05:26 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2005.04.05 16:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Tvs\TvsTray.exe PRC - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe PRC - [2004.11.17 10:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\Touch and Launch\PadExe.exe PRC - [2004.10.15 00:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe ========== Modules (No Company Name) ========== MOD - [2013.05.28 03:36:24 | 001,114,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Podcaster\58d56b6e5f2d64072a30a2e30836c48b\Podcaster.ni.dll MOD - [2013.05.28 03:36:03 | 001,008,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\7d49dbd67986f8d42121998b34f4c117\CPKTMusicPlugin.ni.dll MOD - [2013.05.28 03:35:57 | 000,941,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MusicManager\ea6d01d8b7841d50fd4982c5a8de85c6\MusicManager.ni.dll MOD - [2013.05.28 03:35:53 | 002,196,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\1d3881e1208354c3eaf1ea547dbe6e57\Kies.Common.Multimedia.ni.dll MOD - [2013.05.28 03:35:21 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ce94bdcea014a8a68dcd79ba7bb1dc1d\System.Runtime.Remoting.ni.dll MOD - [2013.05.16 23:05:41 | 000,608,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\5fd169b743c851328f1ce54448cfc598\DevicePodcast.ni.dll MOD - [2013.05.16 23:05:39 | 000,293,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\cfa251d13148007a6933b966c042d0d6\DeviceVideo.ni.dll MOD - [2013.05.16 23:05:38 | 000,371,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\ce4b607c73d5580c9fc6bee40c7d78bd\DevicePhoto.ni.dll MOD - [2013.05.16 23:05:36 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceMusic\6ea65242122082eab20415e24c1ede0f\DeviceMusic.ni.dll MOD - [2013.05.16 23:05:35 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\VideoManager\9d7efff4973160fa60cdf0bea83af5e6\VideoManager.ni.dll MOD - [2013.05.16 23:05:31 | 001,491,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PodcastService\5a89adbbddd7f51ba595f1bd9e55e3b1\PodcastService.ni.dll MOD - [2013.05.16 23:05:29 | 000,621,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PhotoManager\57a9a4a0c4b8ac9e8b320f503c7edd79\PhotoManager.ni.dll MOD - [2013.05.16 23:05:13 | 006,242,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceHost\9d108adf5c109f98d4facbe7732dacff\DeviceHost.ni.dll MOD - [2013.05.16 23:04:52 | 001,879,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Phonebook\eba357cabe6a4322466c4849723f3f3d\Phonebook.ni.dll MOD - [2013.05.16 23:04:32 | 000,396,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BATPlugin\b9e8a3df0aabceb08b98d721af9c3c95\BATPlugin.ni.dll MOD - [2013.05.16 23:04:25 | 000,507,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\ceebedcdfa2c2594e97e5b0b06edf53c\Kies.Common.MediaDB.ni.dll MOD - [2013.05.16 23:04:22 | 000,064,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\c16d6291f2ba4824d3432098bb5a1a0a\Kies.Common.AllShare.ni.dll MOD - [2013.05.16 23:04:21 | 000,283,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c660385ceb5c4e62e1735ee758921b77\Kies.Common.DeviceServiceLib.FirmwareUpdate.Commo n.ni.dll MOD - [2013.05.16 23:04:19 | 000,569,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f40c49bba92f7ad114be62ad99956d4e\Kies.Common.DeviceServiceLib.FileService.ni.dll MOD - [2013.05.16 23:04:17 | 000,621,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\cac3a4d93b07ea5ffaf37934cd72fad9\Kies.Common.DeviceServiceLib.DeviceDataService.ni .dll MOD - [2013.05.16 23:04:15 | 000,915,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\912fbcd57dc29ab59d795937985d2067\Kies.Common.DeviceServiceLib.DeviceManagement.ni. dll MOD - [2013.05.16 23:04:12 | 001,057,792 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7f814507d38f722ea12668601eccdef2\Kies.Common.DeviceService.ni.dll MOD - [2013.05.16 23:04:02 | 000,200,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\90d7bfef054a7714225ec62fb1b5bf0e\Kies.Common.MainUI.ni.dll MOD - [2013.05.16 23:04:01 | 000,066,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b2642b48602b96bf37257e96637cb2c1\Kies.Common.DBManager.ni.dll MOD - [2013.05.16 23:04:00 | 000,273,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\a2e0f8e4559020b73813922ec9e1b490\Kies.Common.Util.ni.dll MOD - [2013.05.16 23:03:58 | 001,874,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\957ef902c5e03f29b3f2c3c243e8f8e6\Kies.UI.ni.dll MOD - [2013.05.16 23:03:55 | 000,119,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\8c3eb2c5125c85b57c7b136e488a277f\GongSolutions.Wpf.DragDrop.ni.dll MOD - [2013.05.16 23:03:54 | 001,211,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Interface\da94c8d8cd1b08607102ff4d783da070\Kies.Interface.ni.dll MOD - [2013.05.16 23:03:12 | 001,692,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies\8e2a077381fe98ea660ba46f5dd5075a\Kies.ni.exe MOD - [2013.05.16 21:16:42 | 018,019,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\03a2c7d0e26886bf966276d441290257\PresentationFramework.ni.dll MOD - [2013.05.16 21:15:52 | 011,522,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\921404b7803bda0cb1cba2ee458e4c9f\PresentationCore.ni.dll MOD - [2013.05.16 21:15:33 | 003,880,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0268fc0c7a4db1850c1c6ba33d980b29\WindowsBase.ni.dll MOD - [2013.05.16 21:15:11 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\88856f5f657eaa34828421b355a5fd76\System.Configuration.ni.dll MOD - [2013.05.16 21:15:07 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\56734db07bf2cb287a5f0cf662cc32ef\System.Core.ni.dll MOD - [2013.05.16 21:14:45 | 013,198,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\40730f817297bb5d791a7101ed9630fe\System.Windows.Forms.ni.dll MOD - [2013.02.16 01:53:42 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\81c0ff81b2ad570ee85d6cd7ce751bba\System.ServiceProcess.ni.dll MOD - [2013.01.10 11:45:49 | 012,621,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\ac8efe59a037ffeb38513bdea352da28\Kies.Theme.ni.dll MOD - [2013.01.10 11:44:59 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0a9aa8a20cf2f935e03e948e5fe7a476\Kies.Common.DeviceServiceLib.FirmwareUpdate.Firmw areUpdateAgentHelper.ni.dll MOD - [2013.01.10 11:43:15 | 000,029,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\34da4bec626fd6331c6702365be50f28\Kies.Common.StoreManager.ni.dll MOD - [2013.01.10 11:43:11 | 000,232,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\779a065e9d217d3a3aeeb354f9fce387\ASF_cSharpAPI.ni.dll MOD - [2013.01.10 11:43:08 | 000,043,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll MOD - [2013.01.10 11:43:04 | 000,189,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7504b4d1e0c4f84827a869844fa75ffd\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downl oader.ni.dll MOD - [2013.01.10 11:43:00 | 000,175,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\9a9a70b72df9ca4a018ffeb43208fac0\Interop.DevFileServiceLib.ni.dll MOD - [2013.01.10 11:42:52 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\d89293c7be2f75ca92ddd2efac0dcfad\Interop.DeviceServiceModelDBLib.ni.dll MOD - [2013.01.10 11:42:50 | 000,184,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c35f66934441c52d7c6f60347751059f\Kies.Common.DeviceServiceLib.Interface.ni.dll MOD - [2013.01.10 11:42:02 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll MOD - [2013.01.10 11:42:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll MOD - [2013.01.10 11:42:01 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll MOD - [2013.01.10 11:42:01 | 000,030,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\0e99d29839b75154cac69d87c6857da7\Interop.PRPLAYERCORELib.ni.dll MOD - [2013.01.10 10:55:41 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll MOD - [2013.01.10 10:55:33 | 000,743,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\78c73ae3f99d95d788e3690a561a7701\ICSharpCode.SharpZipLib.ni.dll MOD - [2013.01.10 10:55:28 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll MOD - [2013.01.10 10:55:27 | 001,499,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Locale\570e33cc3bc3f82ffc64c06efd1e90d6\Kies.Locale.ni.dll MOD - [2013.01.10 10:55:26 | 000,078,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\495e94c8e04436b65dcb695c969d0d4e\Kies.MVVM.ni.dll MOD - [2013.01.10 00:08:18 | 001,812,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\25732130189e8f468a7d98647edffe8e\System.Xaml.ni.dll MOD - [2013.01.09 17:29:33 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\a23c39d504467a0024e5f20c0f962f3f\System.Xml.ni.dll MOD - [2013.01.09 17:26:37 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\307bb964c6b7dbc20676e8905ec99df9\System.Drawing.ni.dll MOD - [2013.01.09 17:26:31 | 009,094,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\5f79b00e1aaeafcc07907aa61fd3599e\System.ni.dll MOD - [2013.01.09 17:26:10 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2010.01.18 11:51:22 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\ezprint.exe MOD - [2010.01.18 11:51:20 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeemon.exe MOD - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe MOD - [2009.12.16 13:07:29 | 001,159,168 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeedrs.dll MOD - [2009.12.16 13:04:21 | 000,389,120 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeescw.dll MOD - [2009.11.04 09:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeedrpp.dll MOD - [2009.06.23 07:11:04 | 000,102,400 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epoemdll.dll MOD - [2009.06.23 07:10:29 | 000,045,056 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epstring.dll MOD - [2009.06.23 07:09:11 | 002,203,648 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epwizres.dll MOD - [2009.05.27 08:16:50 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeedatr.dll MOD - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe MOD - [2009.04.28 09:56:29 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\LXEEsmr.dll MOD - [2009.04.07 15:25:27 | 000,409,600 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\iptk.dll MOD - [2009.03.30 08:37:28 | 000,708,608 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epwizard.dll MOD - [2009.03.30 08:35:40 | 000,159,744 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\customui.dll MOD - [2009.03.30 08:35:22 | 000,061,440 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epfunct.dll MOD - [2009.03.30 08:35:17 | 000,118,784 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\eputil.dll MOD - [2009.03.30 08:35:05 | 000,139,264 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\imagutil.dll MOD - [2009.03.10 01:43:49 | 000,155,648 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeecaps.dll MOD - [2009.03.02 10:25:47 | 000,151,552 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeeptp.dll MOD - [2009.02.20 10:48:03 | 000,299,008 | ---- | M] () -- C:\WINDOWS\system32\LXEEsm.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2004.07.20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.05.15 21:11:18 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Programme\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () [Auto | Running] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService) SRV - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeecoms.exe -- (lxee_device) SRV - [2010.01.07 16:20:23 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe -- (lxeeCATSCustConnectService) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe -- (DeviceManager) SRV - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) SRV - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV) SRV - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2012.06.27 10:37:56 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2012.06.27 10:37:56 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) DRV - [2012.06.27 10:37:56 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.08.01 15:57:30 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d) DRV - [2010.11.22 14:25:54 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010.11.22 14:24:53 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010.11.22 14:24:53 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt) DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.11.04 13:09:32 | 000,763,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UDXTTM6010.sys -- (UDXTTM6010) DRV - [2009.11.04 13:09:32 | 000,023,104 | ---- | M] (DTV-DVB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Cinergy_Hybrid-Stick_HID.sys -- (TTHID) DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2009.07.24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo) DRV - [2009.06.19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2009.05.25 11:18:02 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser) DRV - [2008.07.24 12:03:56 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2005.07.04 15:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd) DRV - [2005.06.27 18:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid) DRV - [2005.05.30 18:28:38 | 000,008,576 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec) DRV - [2005.05.10 17:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs) DRV - [2005.04.15 07:14:58 | 001,130,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005.04.13 00:30:12 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005.03.31 02:18:40 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2005.03.30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte) DRV - [2005.03.02 08:45:24 | 000,004,864 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD) DRV - [2004.12.21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2004.10.29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) DRV - [2004.10.04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2003.01.29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{E649DC79-BD07-46CD-85E1-6D561DA45348}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080;https=127.0.0.1:8080 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Programme\PDF Architect\FFPDFArchitectExt [2013.02.05 01:26:21 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lrcfan@fansoft.br: C:\Programme\LyricsFan\FF\ [2013.05.24 01:02:06 | 000,000,000 | ---D | M] [2012.05.28 21:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions [2012.05.28 21:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions\ideskbrowser@haufe.de [2011.03.09 18:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.01.15 10:36:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.14 20:03:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.02.18 21:59:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010.10.14 20:01:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll [2009.03.24 12:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll ========== Chrome ========== CHR - default_search_provider: WebSearch (Enabled) CHR - default_search_provider: search_url = hxxp://websearch.searchrocket.info/?l=1&q={searchTerms}&pid=658&r=2013/05/27&hid=542167775&lg=EN&cc=DE&unqvl=16 CHR - default_search_provider: suggest_url = hxxp://localhost CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: FileConverter 1.3 = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.15.2.523_0\ CHR - Extension: FileConverter 1.3 = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.15.2.523_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (Lyrics Fan) - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Programme\LyricsFan\lrcfan.dll (FAN Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EzPrint] C:\Programme\Lexmark Pro700 Series\ezprint.exe () O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation) O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [lxeemon.exe] C:\Programme\Lexmark Pro700 Series\lxeemon.exe () O4 - HKLM..\Run: [PadTouch] C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [THotkey] C:\Programme\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA) O4 - HKLM..\Run: [Tvs] C:\Programme\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [KiesAirMessage] C:\Programme\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKCU..\Run: [KiesPreload] C:\Programme\Samsung\Kies\Kies.exe (Samsung) O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE8F664F-9C4B-483B-A8DB-622FC4AD8803}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\wincert\win32c~1.dll) - c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wincert\win32cert.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.08.17 14:44:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1b98acd0-01f1-11df-9878-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{1b98acd0-01f1-11df-9878-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1b98acd0-01f1-11df-9878-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{1b98acd1-01f1-11df-9878-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{1b98acd1-01f1-11df-9878-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{1b98acd1-01f1-11df-9878-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{73bb7cd3-01bd-11df-9874-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{73bb7cd3-01bd-11df-9874-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{73bb7cd3-01bd-11df-9874-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{73bb7cd6-01bd-11df-9874-000000000000}\Shell - "" = AutoRun O33 - MountPoints2\{73bb7cd6-01bd-11df-9874-000000000000}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{73bb7cd6-01bd-11df-9874-000000000000}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{8df95eb0-0cc0-11df-9899-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{8df95eb0-0cc0-11df-9899-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{8df95eb0-0cc0-11df-9899-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c008a570-081d-11df-988e-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{c008a570-081d-11df-988e-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c008a570-081d-11df-988e-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c008a571-081d-11df-988e-0013ce2957d0}\Shell - "" = AutoRun O33 - MountPoints2\{c008a571-081d-11df-988e-0013ce2957d0}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{c008a571-081d-11df-988e-0013ce2957d0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.05.27 23:54:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarApp [2013.05.26 20:54:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\GoforFiles [2013.05.26 20:38:36 | 000,000,000 | ---D | C] -- C:\Programme\Uninstaller [2013.05.26 20:34:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\player [2013.05.25 21:21:13 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\clk\Recent [2013.05.24 01:02:06 | 000,000,000 | ---D | C] -- C:\Programme\LyricsFan [2013.05.24 01:01:31 | 000,000,000 | ---D | C] -- C:\Programme\FindLyrics [2013.05.23 23:49:17 | 000,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab [2013.05.13 23:10:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Lhsp [2013.05.13 23:09:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\speech [2013.05.13 23:09:24 | 000,000,000 | ---D | C] -- C:\Programme\MWS Reader 4 [2013.05.08 23:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\AppData [2012.06.15 22:11:23 | 000,894,448 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u5.exe [2 C:\Dokumente und Einstellungen\All Users\*.tmp files -> C:\Dokumente und Einstellungen\All Users\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.29 10:25:19 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable [2013.05.29 10:09:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.29 10:02:36 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\Lyrics Fan Update.job [2013.05.29 10:02:28 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\GoforFilesUpdate.job [2013.05.29 10:00:54 | 000,556,544 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.05.29 10:00:54 | 000,506,084 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.05.29 10:00:54 | 000,116,942 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.05.29 10:00:54 | 000,089,548 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.05.29 09:51:00 | 000,001,202 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007UA.job [2013.05.29 09:51:00 | 000,001,150 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007Core.job [2013.05.29 09:48:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.29 09:48:08 | 1073,201,152 | -HS- | M] () -- C:\hiberfil.sys [2013.05.28 10:05:31 | 000,632,031 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\adwcleaner.exe [2013.05.28 02:00:13 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CK-clk.job [2013.05.20 20:45:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.05.16 23:19:41 | 003,622,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.05.16 21:06:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2 C:\Dokumente und Einstellungen\All Users\*.tmp files -> C:\Dokumente und Einstellungen\All Users\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.29 10:25:19 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable [2013.05.28 10:05:22 | 000,632,031 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\adwcleaner.exe [2013.05.26 20:54:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\GoforFilesUpdate.job [2013.05.24 01:02:08 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\Lyrics Fan Update.job [2013.03.11 14:25:04 | 000,002,482 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin [2012.11.27 22:49:46 | 000,774,826 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2044978897-1172690549-42215457-1007-0.dat [2012.11.27 22:49:31 | 000,275,386 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.10.29 13:09:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012.10.29 13:09:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012.10.29 13:09:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012.10.29 13:09:28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012.10.29 13:09:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012.02.15 14:43:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.08.28 22:05:55 | 000,001,474 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\CountdownProPrefs.cdp [2011.08.28 21:57:18 | 000,123,172 | ---- | C] () -- C:\Programme\countdown.sis [2010.12.31 14:38:46 | 000,036,072 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\mdbu.bin [2010.01.16 15:55:23 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt [2010.01.14 14:04:33 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.14 14:04:33 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat ========== ZeroAccess Check ========== [2005.08.17 14:51:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010.01.16 00:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve [2013.01.13 18:15:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software [2013.05.28 10:06:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Datamngr [2012.11.16 12:31:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FMBackup2 [2012.05.28 18:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe [2011.02.24 12:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM [2011.02.24 12:26:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail [2010.12.22 19:32:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kestrel [2010.06.27 22:41:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexmark Pro700 Series [2012.05.28 18:31:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware [2012.09.24 22:37:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2012.12.15 00:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe [2012.11.19 01:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2013.05.27 23:54:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarApp [2013.05.28 09:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Systweak [2013.05.27 11:48:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2010.01.15 15:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec [2013.04.15 20:51:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVgenial [2013.04.15 22:36:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wincert [2010.02.14 18:21:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom [2011.02.18 19:33:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2012.12.14 22:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2013.04.13 21:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DriverTurbo [2013.02.16 23:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DVDVideoSoft [2013.03.28 15:07:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\GlarySoft [2013.05.26 20:55:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\GoforFiles [2012.05.28 21:10:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Haufe Mediengruppe [2010.07.25 19:27:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\InterVideo [2010.03.18 11:58:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\IrfanView [2010.12.22 19:46:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Kestrel [2010.01.15 23:57:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Lexware [2012.01.18 05:09:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\MAGIX [2010.01.16 00:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Marine Aquarium 3 [2012.12.15 00:48:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PDAppFlex [2013.02.17 19:01:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PDF Architect [2013.01.11 15:39:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PhotoScape [2013.05.28 09:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\player [2013.01.23 22:15:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Samsung [2012.10.14 18:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox [2010.11.20 00:37:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Sony [2013.05.28 09:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Systweak [2010.01.15 15:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\TerraTec [2005.08.18 10:13:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\toshiba [2010.01.31 01:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Verbindungsassistent [2010.01.16 01:44:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Windows Desktop Search [2010.01.16 01:45:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Windows Search ========== Purity Check ========== ========== Files - Unicode (All) ========== (C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft ??) -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft 鼠标 ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:373E1720 < End of report > OTL Extra.txt: OTL Extras logfile created on: 29.05.2013 10:29:12 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\clk\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,42 Mb Total Physical Memory | 470,03 Mb Available Physical Memory | 45,93% Memory free 2,41 Gb Paging File | 1,88 Gb Available in Paging File | 78,04% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,33 Gb Total Space | 22,96 Gb Free Space | 30,90% Space Free | Partition Type: NTFS Computer Name: CK | User Name: clk | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .hta [@ = htafile] -- Reg Error: Key error. File not found .html [@ = ChromeHTML] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Dokumente und Einstellungen\clk\Anwendungsdaten\File Scout\filescout.exe" /open "%1" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Programme\Microsoft LifeCam\LifeCam.exe" = C:\Programme\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation) "C:\Programme\Microsoft LifeCam\LifeEnC2.exe" = C:\Programme\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation) "C:\Programme\Microsoft LifeCam\LifeExp.exe" = C:\Programme\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation) "C:\Programme\Microsoft LifeCam\LifeTray.exe" = C:\Programme\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation) "C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Classic -- (TerraTec Electronic GmbH) "C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Classic (tvtv Setup) -- (TerraTec Electronic GmbH) "C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Classic (Auto Update) -- (TerraTec Electronic GmbH) "C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe:*:Enabled:TerraTec Home Cinema Classic (Setup) -- (TerraTec Electronic GmbH) "C:\Programme\TerraTec\TerraTec Home Cinema\TTDvrServer.exe" = C:\Programme\TerraTec\TerraTec Home Cinema\TTDvrServer.exe:*:Enabled:NOXON Home Server -- (TerraTec Electronic GmbH) "C:\WINDOWS\system32\lxeecoms.exe" = C:\WINDOWS\system32\lxeecoms.exe:*:Enabled:Pro700 Series Server -- ( ) "C:\Programme\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Programme\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader "C:\Programme\Sony Ericsson\Update Service\Update Service.exe" = C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service "D:\DVD-Start.exe" = D:\DVD-Start.exe:*:Enabled:Schnellstart-DVD "C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Programme\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox\sbtb_install.exe" = C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox\sbtb_install.exe:*:Enabled:Smilebox Installer -- () "C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation) "C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager "C:\Programme\GoforFiles\goforfilesdl.exe" = C:\Programme\GoforFiles\goforfilesdl.exe:*:Enabled:GoforFiles "C:\Programme\GoforFiles\GoforFiles.exe" = C:\Programme\GoforFiles\GoforFiles.exe:*:Enabled:GoforFiles ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste "{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office "{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{122879BD-2614-4AAB-9988-13C0719843D4}" = QuickSteuer 2012 COMPUTERBILD Edition "{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{26d7e6f7-ec35-414f-9a3f-110a055af0dc}" = Nero BackItUp 4 "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EB6332B-AF02-457C-A31C-835458C5B48B}" = TOSHIBA Benutzerhandbücher "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD-Speicherkarten-Formatierung "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav "{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help "{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help "{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live "{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch "{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3 "{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm "{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility "{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = TIxx21/x515 "{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2 "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{995A7F95-907E-4C25-8A2A-39CDCB7EC69C}" = Nero BackItUp "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{a3f81d11-fb74-4433-8df4-143df715746d}" = Nero 9 "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{AB5C4115-57A5-4B30-B103-3DDF65FB5034}" = Nero BackItUp "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch "{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module "{C4A6EBB9-8030-45F0-808F-C7B076DABBA6}_is1" = Kestrel GX "{C61B2B59-75D2-4203-B589-E0102C3A6F32}" = QuickSteuer Wissens-Center 2012 "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant "{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{DEE03A90-C723-4E3D-A661-86651D6F0668}" = QuickSteuer Deluxe 2010 "{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}" = QuickSteuer 2011 "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help "{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision "0D1EC8C098410CAFE85D1071184DB179AA0C5B30" = Windows-Treiberpaket - Intel USB (10/05/2012 9.1.9.1002) "2DA959FE3D6F0F5BC313481E72071D510DD786FB" = Windows-Treiberpaket - Intel (w29n51) net (12/19/2007 9.0.4.39) "43BC439F70814058C8C4D8445214560BA562954E" = Windows-Treiberpaket - Intel System (10/05/2012 9.1.9.1002) "5394CDFA2BDA136A47E0AD3B0649491E4BF0775C" = Windows-Treiberpaket - Intel System (10/05/2012 9.1.9.1002) "64A4C14F7BE3030FF4E9D0D18265D36EA120B146" = Windows-Treiberpaket - Intel hdc (10/05/2012 9.1.9.1002) "7B31B8054391F9C7EF590728F991F590BB07F0D7" = Windows-Treiberpaket - Texas Instruments Inc (tifm21) MTD (05/25/2009 2.0.0.10) "99384DC7A73D4A1912DFD6CEF0D996D685137527" = Windows-Treiberpaket - Intel hdc (10/05/2012 9.1.9.1002) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira Free Antivirus "Cinergy Hybrid Stick" = Cinergy Hybrid Stick V1.00.08.06a "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128 "HSPA USB MODEM ALCATEL_is1" = HSPA USB MODEM "ie8" = Windows Internet Explorer 8 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = Texas Instruments PCIxx21/x515 drivers. "IrfanView" = IrfanView (remove only) "Lexmark Pro700 Series" = Lexmark Pro700 Series "LHTTSGED" = L&H TTS3000 Deutsch "lrcfan@fansoft.br" = Lyrics Fan "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "MUSTEK 1200 CU v2.0a" = MUSTEK 1200 CU v2.0a "PC-Diagnose-Tool" = TOSHIBA PC-Diagnose-Tool "PhotoScape" = PhotoScape "Picasa 3" = Picasa 3 "SP_08b196fe" = ContinueToSave 1.74 "SP_d2639597" = Search Assistant WebSearch 1.74 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem "Verbindungsassistent" = Verbindungsassistent "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = WinRAR "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16.05.2013 17:20:14 | Computer Name = CK | Source = .NET Runtime Optimization Service | ID = 1103 Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown Error - 20.05.2013 16:39:07 | Computer Name = CK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung chrome.exe, Version 26.0.1410.64, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 21.05.2013 14:48:44 | Computer Name = CK | Source = MsiInstaller | ID = 11609 Description = Error - 23.05.2013 17:48:31 | Computer Name = CK | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 23.05.2013 17:48:31 | Computer Name = CK | Source = crypt32 | ID = 131083 Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 23.05.2013 17:56:10 | Computer Name = CK | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes Modul MSI2C7.tmp, Version 1.0.0.0, Fehleradresse 0x00015505. Error - 27.05.2013 15:57:45 | Computer Name = CK | Source = Microsoft Office 12 | ID = 1000 Description = Faulting application outlook.exe, version 12.0.6668.5000, stamp 508314b2, faulting module urlmon.dll, version 8.0.6001.23486, stamp 516dcdd1, debug? 0, fault address 0x000059e4. Error - 28.05.2013 13:28:33 | Computer Name = CK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung adwcleaner.exe, Version 2.3.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 28.05.2013 15:35:41 | Computer Name = CK | Source = MsiInstaller | ID = 11609 Description = Error - 28.05.2013 18:17:08 | Computer Name = CK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung rundll32.exe, Version 5.1.2600.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. [ OSession Events ] Error - 08.01.2013 18:10:54 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 38859 seconds with 300 seconds of active time. This session ended with a crash. Error - 10.01.2013 06:20:29 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 53745 seconds with 480 seconds of active time. This session ended with a crash. Error - 17.01.2013 17:18:45 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2841 seconds with 360 seconds of active time. This session ended with a crash. Error - 21.01.2013 15:34:04 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 34139 seconds with 600 seconds of active time. This session ended with a crash. Error - 23.01.2013 18:14:04 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 7459 seconds with 240 seconds of active time. This session ended with a crash. Error - 25.01.2013 07:37:27 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 542 seconds with 420 seconds of active time. This session ended with a crash. Error - 05.03.2013 16:23:48 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37439 seconds with 900 seconds of active time. This session ended with a crash. Error - 08.03.2013 20:25:25 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.05.2013 16:35:11 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 50993 seconds with 840 seconds of active time. This session ended with a crash. Error - 27.05.2013 15:57:22 | Computer Name = CK | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38895 seconds with 1560 seconds of active time. This session ended with a crash. [ System Events ] Error - 29.05.2013 04:06:07 | Computer Name = CK | Source = Service Control Manager | ID = 7023 Description = Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%2147500037 Error - 29.05.2013 04:06:37 | Computer Name = CK | Source = DCOM | ID = 10010 Description = Der Server "{B12468C9-5B13-40D9-B74B-1815B776F1FB}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 29.05.2013 04:06:46 | Computer Name = CK | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error - 29.05.2013 04:09:44 | Computer Name = CK | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error - 29.05.2013 04:10:38 | Computer Name = CK | Source = Service Control Manager | ID = 7023 Description = Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%2147500037 Error - 29.05.2013 04:11:07 | Computer Name = CK | Source = DCOM | ID = 10010 Description = Der Server "{B12468C9-5B13-40D9-B74B-1815B776F1FB}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 29.05.2013 04:25:50 | Computer Name = CK | Source = Service Control Manager | ID = 7023 Description = Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%2147500037 Error - 29.05.2013 04:26:20 | Computer Name = CK | Source = DCOM | ID = 10010 Description = Der Server "{B12468C9-5B13-40D9-B74B-1815B776F1FB}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 29.05.2013 04:26:21 | Computer Name = CK | Source = Service Control Manager | ID = 7023 Description = Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%2147500037 Error - 29.05.2013 04:26:50 | Computer Name = CK | Source = DCOM | ID = 10010 Description = Der Server "{B12468C9-5B13-40D9-B74B-1815B776F1FB}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. [ TuneUp Events ] Error - 02.10.2011 12:44:17 | Computer Name = CK | Source = TuneUp.UtilitiesSvc | ID = 300 Description = < End of report > - Schritt 3 (Gmer) funktionierte nicht mehr richtig. Nach dem Scan hatte ich den berühmten "blauen Bildschirm" mit langem Fehlertext (nicht kopierbar). Nach dem Neustart, den ich manuell durchführen musste, bekam ich wieder eine "System 32-Fehlermeldung", hierzu konnte ich wenigstens einen Screenprint machen, den ich auch als World-Dokument schicken könnte. Die technischen Informationen zu dem Problembericht lauteten: C:\DOKUME~1\clk\LOKALE~1\Temp\WERe788.dir00\Mini052913-01.dmp C:\DOKUME~1\clk\LOKALE~1\Temp\WERe788.dir00\sysdata.xml Ich benötige also bitte dringend Hilfe, weil ich offensichtlich alle Fehler gemacht habe, die man nur machen kann. Was kann/soll ich als nächstes tun, um meinen Rechner wieder "sauber" zu bekommen? Herzlichen Dank schon mal vorab für euer Feedback! Liebe Grüße Claudia |
Hi, bei mir gibt's nur eine regel: es wird nur das gemacht was ich sage, also keine anderen tools mehr laufen lassen :) Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. |
Hi, hier die ComboFix-Log-Datei: Combofix Logfile: Code: ComboFix 13-05-30.01 - clk 29.05.2013 23:44:17.1.1 - x86 Und nun? LG Claudia |
Bleibt noch einiges an Arbeit :) Downloade dir bitte Rogue Killer von hier.
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches OTL log bitte. |
OKI, hier erst mal die RK-Log-Datei: RogueKiller V8.5.4 [Mar 18 2013] durch Tigzy mail: tigzyRK<at>gmail<dot>com mail : tigzyRK<at>gmail<dot>com Kommentare : RogueKiller - Geeks to Go Forums Webseite : Download RogueKiller (Official website) Blog : tigzy-RK Betriebssystem : Windows XP (5.1.2600 Service Pack 3) 32 bits version Gestartet in : Normaler Modus Benutzer : clk [Admin Rechte] Funktion : Scannen -- Datum : 05/30/2013 00:15:41 | ARK || FAK || MBR | ¤¤¤ Böswillige Prozesse : 0 ¤¤¤ ¤¤¤ Registry-Einträge : 5 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8080;hxxps=127.0.0.1:8080) -> GEFUNDEN [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> GEFUNDEN [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> GEFUNDEN [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> GEFUNDEN [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN ¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤ ¤¤¤ Treiber : [GELADEN] ¤¤¤ SSDT[25] : NtClose @ 0x80567C07 -> HOOKED (Unknown @ 0xF7CAE9BC) SSDT[41] : NtCreateKey @ 0x80573887 -> HOOKED (Unknown @ 0xF7CAE976) SSDT[50] : NtCreateSection @ 0x80565433 -> HOOKED (Unknown @ 0xF7CAE9C6) SSDT[53] : NtCreateThread @ 0x80578925 -> HOOKED (Unknown @ 0xF7CAE96C) SSDT[63] : NtDeleteKey @ 0x80595ABA -> HOOKED (Unknown @ 0xF7CAE97B) SSDT[65] : NtDeleteValueKey @ 0x805936DA -> HOOKED (Unknown @ 0xF7CAE985) SSDT[68] : NtDuplicateObject @ 0x805749DA -> HOOKED (Unknown @ 0xF7CAE9B7) SSDT[98] : NtLoadKey @ 0x805ADCBB -> HOOKED (Unknown @ 0xF7CAE98A) SSDT[122] : NtOpenProcess @ 0x80574BC1 -> HOOKED (Unknown @ 0xF7CAE958) SSDT[128] : NtOpenThread @ 0x80590CFC -> HOOKED (Unknown @ 0xF7CAE95D) SSDT[177] : NtQueryValueKey @ 0x8056A531 -> HOOKED (Unknown @ 0xF7CAE9DF) SSDT[193] : NtReplaceKey @ 0x8065012A -> HOOKED (Unknown @ 0xF7CAE994) SSDT[200] : NtRequestWaitReplyPort @ 0x8056DD9E -> HOOKED (Unknown @ 0xF7CAE9D0) SSDT[204] : NtRestoreKey @ 0x8064FCC1 -> HOOKED (Unknown @ 0xF7CAE98F) SSDT[213] : NtSetContextThread @ 0x8062E8FB -> HOOKED (Unknown @ 0xF7CAE9CB) SSDT[237] : NtSetSecurityObject @ 0x80598227 -> HOOKED (Unknown @ 0xF7CAE9D5) SSDT[247] : NtSetValueKey @ 0x8057DAF3 -> HOOKED (Unknown @ 0xF7CAE980) SSDT[255] : NtSystemDebugControl @ 0x8064AD09 -> HOOKED (Unknown @ 0xF7CAE9DA) SSDT[257] : NtTerminateProcess @ 0x80585851 -> HOOKED (Unknown @ 0xF7CAE967) S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7CAE9EE) S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7CAE9F3) ¤¤¤ Hosts-Datei: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR überprüfen: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHV2080BH +++++ --- User --- [MBR] 734e3e3266d18b4a2a96f5324795e50b [BSP] 11a7810e0250fcb50b0c0d5abe648c91 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76112 Mo 3 - [XXXXXX] UNKNOWN (0x88) [VISIBLE] Offset (sectors): 155878695 | Size: 203 Mo User = LL1 ... OK! User = LL2 ... OK! Abgeschlossen : << RKreport[1]_S_05302013_02d0015.txt >> RKreport[1]_S_05302013_02d0015.txt Den Adw-Cleaner hatte ich mir vorher schon mal auf mein Desktop geladen. Kann ich den nehmen, oder muss ich den neu runterladen? LG Claudia |
Neu laden, aber bitte vorher noch einmal RogueKiller und Löschen klicken nach dem Scan. Und warte bis Du alle Scans durch hast und poste alle Logs euf einmal, ich bekomm sonst keine Benachrichtigung :) |
OK, hier alle Logfiles: RogueKiller V8.5.4 [Mar 18 2013] durch Tigzy mail: tigzyRK<at>gmail<dot>com mail : tigzyRK<at>gmail<dot>com Kommentare : RogueKiller - Geeks to Go Forums Webseite : Download RogueKiller (Official website) Blog : tigzy-RK Betriebssystem : Windows XP (5.1.2600 Service Pack 3) 32 bits version Gestartet in : Normaler Modus Benutzer : clk [Admin Rechte] Funktion : Entfernen -- Datum : 05/30/2013 00:46:15 | ARK || FAK || MBR | ¤¤¤ Böswillige Prozesse : 0 ¤¤¤ ¤¤¤ Registry-Einträge : 5 ¤¤¤ [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8080;hxxps=127.0.0.1:8080) -> NICHT ENTFERNT, PROXY REPARIEREN BENUTZEN [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> GELÖSCHT [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> ERSETZT (1) [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> ERSETZT (1) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ERSETZT (0) ¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤ ¤¤¤ Treiber : [GELADEN] ¤¤¤ SSDT[25] : NtClose @ 0x80567C07 -> HOOKED (Unknown @ 0xF7D3AC44) SSDT[41] : NtCreateKey @ 0x80573887 -> HOOKED (Unknown @ 0xF7D3ABFE) SSDT[50] : NtCreateSection @ 0x80565433 -> HOOKED (Unknown @ 0xF7D3AC4E) SSDT[53] : NtCreateThread @ 0x80578925 -> HOOKED (Unknown @ 0xF7D3ABF4) SSDT[63] : NtDeleteKey @ 0x80595ABA -> HOOKED (Unknown @ 0xF7D3AC03) SSDT[65] : NtDeleteValueKey @ 0x805936DA -> HOOKED (Unknown @ 0xF7D3AC0D) SSDT[68] : NtDuplicateObject @ 0x805749DA -> HOOKED (Unknown @ 0xF7D3AC3F) SSDT[98] : NtLoadKey @ 0x805ADCBB -> HOOKED (Unknown @ 0xF7D3AC12) SSDT[122] : NtOpenProcess @ 0x80574BC1 -> HOOKED (Unknown @ 0xF7D3ABE0) SSDT[128] : NtOpenThread @ 0x80590CFC -> HOOKED (Unknown @ 0xF7D3ABE5) SSDT[177] : NtQueryValueKey @ 0x8056A531 -> HOOKED (Unknown @ 0xF7D3AC67) SSDT[193] : NtReplaceKey @ 0x8065012A -> HOOKED (Unknown @ 0xF7D3AC1C) SSDT[200] : NtRequestWaitReplyPort @ 0x8056DD9E -> HOOKED (Unknown @ 0xF7D3AC58) SSDT[204] : NtRestoreKey @ 0x8064FCC1 -> HOOKED (Unknown @ 0xF7D3AC17) SSDT[213] : NtSetContextThread @ 0x8062E8FB -> HOOKED (Unknown @ 0xF7D3AC53) SSDT[237] : NtSetSecurityObject @ 0x80598227 -> HOOKED (Unknown @ 0xF7D3AC5D) SSDT[247] : NtSetValueKey @ 0x8057DAF3 -> HOOKED (Unknown @ 0xF7D3AC08) SSDT[255] : NtSystemDebugControl @ 0x8064AD09 -> HOOKED (Unknown @ 0xF7D3AC62) SSDT[257] : NtTerminateProcess @ 0x80585851 -> HOOKED (Unknown @ 0xF7D3ABEF) S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7D3AC76) S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7D3AC7B) ¤¤¤ Hosts-Datei: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR überprüfen: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHV2080BH +++++ --- User --- [MBR] 734e3e3266d18b4a2a96f5324795e50b [BSP] 11a7810e0250fcb50b0c0d5abe648c91 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76112 Mo 3 - [XXXXXX] UNKNOWN (0x88) [VISIBLE] Offset (sectors): 155878695 | Size: 203 Mo User = LL1 ... OK! User = LL2 ... OK! Abgeschlossen : << RKreport[3]_D_05302013_02d0046.txt >> RKreport[1]_S_05302013_02d0015.txt ; RKreport[2]_S_05302013_02d0043.txt ; RKreport[3]_D_05302013_02d0046.txtAdwCleaner Logfile: Code: # AdwCleaner v2.301 - Datei am 30/05/2013 um 00:49:12 erstellt Code: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ LG Claudia Sollen wir morgen weiter machen??? Okay, du bist offline. Also danngute Nacht und bis morgen (gleich). ;-) LG Claudia |
Also ich wär da, Kaffe is da, wo bleibt das frische OTL Logfile? :D |
Hier ist er, aber das hat über eine Stunde gedauert. Der PC wird gerade NOCH langsamer als vorher... :-(OTL Logfile: Code: OTL logfile created on: 30.05.2013 14:37:09 - Run 2 LG Claudia |
Das bekommen wir schon hin :) Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32bit oder FRST 64bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
|
Okay, hier sind sie: --------------------------- Farbar Recovery Scan Tool --------------------------- The Addition.txt is saved in the same location FRST tool is run. --------------------------- OK --------------------------- Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-05-2013 Ran by clk at 2013-05-30 15:49:18 Run: Running from C:\Dokumente und Einstellungen\clk\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= "Nero SoundTrax Help (Version: 4.0.11.0) Adobe AIR (Version: 3.5.0.880) Adobe Download Assistant (Version: 1.2.3) Adobe Flash Player 11 ActiveX (Version: 11.7.700.202) Adobe Flash Player 11 Plugin (Version: 11.7.700.202) Adobe Photoshop CS6 (Version: 13.0) Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03) Advertising Center (Version: 0.0.0.1) ATI - Dienstprogramm zur Deinstallation der Software (Version: 6.14.10.1012) ATI Control Panel (Version: 6.14.10.5150) ATI Display Driver (Version: 8.13-050414a2-024375C) Avira Free Antivirus (Version: 12.1.9.1236) Bluetooth Stack for Windows by Toshiba (Version: v3.20.04) CD/DVD Drive Acoustic Silencer (Version: 1.00.008) Cinergy Hybrid Stick V1.00.08.06a (Version: 1.00.08.06a) CorelDRAW Graphics Suite X3 (Version: 13.0) DE (Version: 13.0) DolbyFiles (Version: 2.0) FontNav (Version: 5.0) Free YouTube to MP3 Converter version 3.12.0.128 (Version: 3.12.0.128) Google Chrome (Version: 27.0.1453.94) Hotfix für Windows XP (KB2633952) (Version: 1) Hotfix für Windows XP (KB2756822) (Version: 1) Hotfix für Windows XP (KB2779562) (Version: 1) HSPA USB MODEM ImagXpress (Version: 7.0.74.0) IrfanView (remove only) (Version: 4.35) J2SE Runtime Environment 5.0 Update 2 (Version: 1.5.0.20) Java 7 Update 21 (Version: 7.0.210) Java Auto Updater (Version: 2.1.9.5) Kestrel GX (Version: 1.0) L&H TTS3000 Deutsch Lexmark (Version: 1.0.0.0) Lexmark Pro700 Series Lexmark Symbolleiste (Version: 4.63.37.0) Lexmark Tools for Office (Version: 1.29.0.0) Lexware Info Service (Version: 2.80.00.0007) Lyrics Fan Macromedia Flash Player (Version: 7.0.19.0) Marvell Miniport Driver (Version: 11.45.3.3) Menu Templates - Starter Kit (Version: 9.0.4.0) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Corporation (Version: 9.0.30729.1) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0) Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft LifeCam (Version: 3.0.215.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Software Update for Web Folders (German) 12 (Version: 12.0.6612.1000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Movie Templates - Starter Kit (Version: 9.0.4.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0) MUSTEK 1200 CU v2.0a Nero 9 Nero BackItUp (Version: 4.0.0.0) Nero BackItUp 4 Nero BurningROM (Version: 9.0.0.0) Nero BurnRights (Version: 2.99.6.100) Nero ControlCenter (Version: 9.0.0.1) Nero CoverDesigner (Version: 4.0.3.100) Nero CoverDesigner Help (Version: 4.0.0.0) Nero Disc Copy Gadget (Version: 1.53.0.0) Nero Disc Copy Gadget Help (Version: 2.0.0.0) Nero DiscSpeed (Version: 4.99.5.105) Nero DriveSpeed (Version: 3.99.5.105) Nero Express (Version: 9.0.0.0) Nero InfoTool (Version: 5.99.5.105) Nero Installer (Version: 2.0.0.1) Nero Live (Version: 1.0.160.0) Nero Live Help (Version: 1.0.160.0) Nero PhotoSnap (Version: 1.53.2.0) Nero PhotoSnap Help (Version: 1.53.2.0) Nero Recode (Version: 3.53.0.0) Nero Recode Help (Version: 3.53.0.0) Nero Rescue Agent (Version: 1.99.0.1) Nero RescueAgent Help (Version: 1.99.0.1) Nero ShowTime (Version: 4.99.0.0) Nero StartSmart (Version: 9.0.6.100) Nero StartSmart Help (Version: 9.0.0.0) Nero Vision (Version: 6.0.0.100) Nero Vision (Version: 6.0.3.100) Nero WaveEditor (Version: 5.0.10.0) Nero WaveEditor Help (Version: 5.0.10.0) NeroBurningROM (Version: 9.0.6.100) NeroExpress (Version: 9.0.6.100) neroxml (Version: 1.0.0) PDF Architect (Version: 1.0.52.8917) PDF Settings CS6 (Version: 11.0) PDFCreator (Version: 1.6.2) PhotoScape Picasa 3 (Version: 3.9) PlayStation(R)Network Downloader (Version: 2.03.00126) PlayStation(R)Store (Version: 3.2.11.09227) QuickSteuer 2011 (Version: 17.00.00.0055) QuickSteuer 2012 COMPUTERBILD Edition (Version: 18.07.00.0008) QuickSteuer Deluxe 2010 (Version: 16.12.00.0002) QuickSteuer Wissens-Center 2012 (Version: 18.0.0.0) QuickTime (Version: 7.71.80.42) Samsung Kies (Version: 2.5.0.12104_15) Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0) SD Secure Module (Version: 1.0.2) Servicepack Datumsaktualisierung (Version: 1.00.00.0005) Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1) Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1) Sicherheitsupdate für Windows XP (KB2584146) (Version: 1) Sicherheitsupdate für Windows XP (KB2585542) (Version: 1) Sicherheitsupdate für Windows XP (KB2598479) (Version: 1) Sicherheitsupdate für Windows XP (KB2603381) (Version: 1) Sicherheitsupdate für Windows XP (KB2618451) (Version: 1) Sicherheitsupdate für Windows XP (KB2619339) (Version: 1) Sicherheitsupdate für Windows XP (KB2620712) (Version: 1) Sicherheitsupdate für Windows XP (KB2621440) (Version: 1) Sicherheitsupdate für Windows XP (KB2624667) (Version: 1) Sicherheitsupdate für Windows XP (KB2631813) (Version: 1) Sicherheitsupdate für Windows XP (KB2633171) (Version: 1) Sicherheitsupdate für Windows XP (KB2639417) (Version: 1) Sicherheitsupdate für Windows XP (KB2641653) (Version: 1) Sicherheitsupdate für Windows XP (KB2646524) (Version: 1) Sicherheitsupdate für Windows XP (KB2647518) (Version: 1) Sicherheitsupdate für Windows XP (KB2653956) (Version: 1) Sicherheitsupdate für Windows XP (KB2655992) (Version: 1) Sicherheitsupdate für Windows XP (KB2659262) (Version: 1) Sicherheitsupdate für Windows XP (KB2660465) (Version: 1) Sicherheitsupdate für Windows XP (KB2661637) (Version: 1) Sicherheitsupdate für Windows XP (KB2676562) (Version: 1) Sicherheitsupdate für Windows XP (KB2685939) (Version: 1) Sicherheitsupdate für Windows XP (KB2686509) (Version: 1) Sicherheitsupdate für Windows XP (KB2691442) (Version: 1) Sicherheitsupdate für Windows XP (KB2695962) (Version: 1) Sicherheitsupdate für Windows XP (KB2698365) (Version: 1) Sicherheitsupdate für Windows XP (KB2705219) (Version: 1) Sicherheitsupdate für Windows XP (KB2707511) (Version: 1) Sicherheitsupdate für Windows XP (KB2709162) (Version: 1) Sicherheitsupdate für Windows XP (KB2712808) (Version: 1) Sicherheitsupdate für Windows XP (KB2718523) (Version: 1) Sicherheitsupdate für Windows XP (KB2719985) (Version: 1) Sicherheitsupdate für Windows XP (KB2723135) (Version: 1) Sicherheitsupdate für Windows XP (KB2724197) (Version: 1) Sicherheitsupdate für Windows XP (KB2727528) (Version: 1) Sicherheitsupdate für Windows XP (KB2731847) (Version: 1) Sicherheitsupdate für Windows XP (KB2753842) (Version: 1) Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2) Sicherheitsupdate für Windows XP (KB2757638) (Version: 1) Sicherheitsupdate für Windows XP (KB2758857) (Version: 1) Sicherheitsupdate für Windows XP (KB2761226) (Version: 1) Sicherheitsupdate für Windows XP (KB2770660) (Version: 1) Sicherheitsupdate für Windows XP (KB2778344) (Version: 1) Sicherheitsupdate für Windows XP (KB2779030) (Version: 1) Sicherheitsupdate für Windows XP (KB2780091) (Version: 1) Sicherheitsupdate für Windows XP (KB2799494) (Version: 1) Sicherheitsupdate für Windows XP (KB2802968) (Version: 1) Sicherheitsupdate für Windows XP (KB2807986) (Version: 1) Sicherheitsupdate für Windows XP (KB2808735) (Version: 1) Sicherheitsupdate für Windows XP (KB2813170) (Version: 1) Sicherheitsupdate für Windows XP (KB2813345) (Version: 1) Sicherheitsupdate für Windows XP (KB2820197) (Version: 1) Sicherheitsupdate für Windows XP (KB2820917) (Version: 1) Sicherheitsupdate für Windows XP (KB2829361) (Version: 1) Skype Click to Call (Version: 6.3.11079) Skype™ 5.10 (Version: 5.10.116) SoundMAX (Version: 5.12.01.5240) SoundTrax (Version: 4.0.11.0) Synaptics Pointing Device Driver (Version: 7.12.4.0) System Requirements Lab for Intel (Version: 4.5.13.0) TerraTec Home Cinema (Version: 6.11.5) Texas Instruments PCIxx21/x515 drivers. (Version: 1.21.0000) TIxx21/x515 (Version: 1.21.0000) TOSHIBA Benutzerhandbücher (Version: 7.01) TOSHIBA ConfigFree (Version: 5.50.13) TOSHIBA Controls TOSHIBA Hotkey Utility (Version: 1.00.04K) TOSHIBA SD-Speicherkarten-Formatierung TOSHIBA Software Modem TOSHIBA TouchPad ON/Off Utility (Version: 1.00.09K) TOSHIBA Utilities (Version: 1.00.17K) TOSHIBA Virtual Sound TOSHIBA Zoom-Dienstprogramm Touch and Launch Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition Update für Windows Internet Explorer 8 (KB975364) (Version: 1) Update für Windows Internet Explorer 8 (KB976662) (Version: 1) Update für Windows Internet Explorer 8 (KB980182) (Version: 1) Update für Windows XP (KB2661254-v2) (Version: 2) Update für Windows XP (KB2718704) (Version: 1) Update für Windows XP (KB2736233) (Version: 1) Update für Windows XP (KB2749655) (Version: 1) Update Manager (Version: 4.60) VBA (Version: 6.2) Verbindungsassistent (Version: 2.1) WebFldrs XP (Version: 9.50.7523) Winamp (Version: 5.581 ) Winamp Erkennungs-Plug-in (Version: 1.0.0.1) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0) Windows Internet Explorer 8 (Version: 20090308.140743) Windows Media Format 11 runtime Windows Media Player 11 Windows Presentation Foundation (Version: 3.0.6920.0) Windows-Treiberpaket - Intel (w29n51) net (12/19/2007 9.0.4.39) (Version: 12/19/2007 9.0.4.39) Windows-Treiberpaket - Intel hdc (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002) Windows-Treiberpaket - Intel System (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002) Windows-Treiberpaket - Intel USB (10/05/2012 9.1.9.1002) (Version: 10/05/2012 9.1.9.1002) Windows-Treiberpaket - Texas Instruments Inc (tifm21) MTD (05/25/2009 2.0.0.10) (Version: 05/25/2009 2.0.0.10) WinPcap 4.1.1 (Version: 4.1.0.1753) WinRAR XML Paper Specification Shared Components Pack 1.0 ==================== Restore Points ========================= 28-02-2013 19:29:43 Systemprüfpunkt 01-03-2013 21:53:51 Systemprüfpunkt 03-03-2013 12:13:18 Systemprüfpunkt 04-03-2013 19:00:52 Systemprüfpunkt 05-03-2013 19:54:40 Systemprüfpunkt 07-03-2013 10:41:16 Systemprüfpunkt 08-03-2013 15:25:59 Systemprüfpunkt 09-03-2013 15:40:44 Installed Windows XP -- Software Updates KB952011. 10-03-2013 15:58:31 Systemprüfpunkt 11-03-2013 12:24:20 RegClean Pro Mo, Mrz 11, 13 13:23 13-03-2013 12:35:08 Systemprüfpunkt 13-03-2013 22:15:23 Software Distribution Service 3.0 14-03-2013 08:56:47 Software Distribution Service 3.0 15-03-2013 11:16:49 Systemprüfpunkt 16-03-2013 16:07:32 Systemprüfpunkt 17-03-2013 19:10:01 Systemprüfpunkt 19-03-2013 09:12:46 Systemprüfpunkt 20-03-2013 10:47:20 Systemprüfpunkt 22-03-2013 18:19:50 Systemprüfpunkt 24-03-2013 19:56:26 Systemprüfpunkt 25-03-2013 22:59:48 Systemprüfpunkt 27-03-2013 21:23:57 Systemprüfpunkt 08-04-2013 19:59:05 Systemprüfpunkt 10-04-2013 07:07:16 Systemprüfpunkt 11-04-2013 01:01:02 Software Distribution Service 3.0 12-04-2013 06:48:48 Systemprüfpunkt 13-04-2013 10:07:28 Systemprüfpunkt 13-04-2013 19:27:15 Uniblue Powersuite installation 13-04-2013 19:45:01 PC Performer Sa, Apr 13, 13 21:44 13-04-2013 20:35:36 Konfiguriert SoundMAX 13-04-2013 20:46:03 Installed Windows XP Wdf01009. 15-04-2013 18:46:32 Removed Haufe iDesk-Browser. 15-04-2013 18:48:27 Haufe iDesk-Service wird entfernt 15-04-2013 19:42:19 Uniblue Powersuite installation 16-04-2013 21:13:25 Systemprüfpunkt 17-04-2013 23:25:03 Systemprüfpunkt 19-04-2013 04:16:46 Systemprüfpunkt 20-04-2013 19:55:21 Systemprüfpunkt 22-04-2013 10:31:02 Systemprüfpunkt 23-04-2013 14:18:20 Systemprüfpunkt 24-04-2013 17:56:01 Systemprüfpunkt 25-04-2013 21:18:50 Systemprüfpunkt 27-04-2013 15:07:28 Systemprüfpunkt 28-04-2013 16:56:18 Systemprüfpunkt 29-04-2013 17:48:00 Systemprüfpunkt 30-04-2013 20:22:12 Systemprüfpunkt 02-05-2013 06:34:35 Systemprüfpunkt 03-05-2013 20:13:51 Systemprüfpunkt 05-05-2013 12:02:19 Systemprüfpunkt 06-05-2013 14:25:12 Systemprüfpunkt 07-05-2013 18:42:36 Systemprüfpunkt 09-05-2013 18:15:27 Systemprüfpunkt 10-05-2013 18:59:38 Systemprüfpunkt 11-05-2013 20:27:04 Systemprüfpunkt 13-05-2013 01:46:24 Systemprüfpunkt 14-05-2013 04:27:28 Systemprüfpunkt 15-05-2013 18:43:26 Systemprüfpunkt 16-05-2013 18:49:34 Software Distribution Service 3.0 20-05-2013 19:04:42 Systemprüfpunkt 21-05-2013 20:13:00 Systemprüfpunkt 23-05-2013 06:48:22 Systemprüfpunkt 23-05-2013 21:49:15 Installed System Requirements Lab for Intel 23-05-2013 21:55:01 Removed Java 7 Update 9 25-05-2013 17:24:10 Systemprüfpunkt 26-05-2013 17:57:23 Systemprüfpunkt 26-05-2013 23:21:33 Software Distribution Service 3.0 27-05-2013 19:37:59 Uniblue SpeedUpMyPC installation 28-05-2013 01:00:37 Software Distribution Service 3.0 28-05-2013 07:16:42 Entfernt SMSC IrCC V5.1.3600.5 28-05-2013 07:17:56 Quitado VAFPlayer 29-05-2013 07:50:31 Software Distribution Service 3.0 30-05-2013 12:24:41 Software Distribution Service 3.0 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/30/2013 02:36:12 PM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6668.5000, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (05/30/2013 02:36:12 PM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6668.5000, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (05/30/2013 02:36:11 PM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung OUTLOOK.EXE, Version 12.0.6668.5000, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (05/29/2013 00:17:08 AM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung rundll32.exe, Version 5.1.2600.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (05/28/2013 09:35:41 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL) Error: (05/28/2013 07:28:33 PM) (Source: Application Hang) (User: ) Description: Stillstehende Anwendung adwcleaner.exe, Version 2.3.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error: (05/27/2013 09:57:45 PM) (Source: Microsoft Office 12) (User: ) Description: Faulting application outlook.exe, version 12.0.6668.5000, stamp 508314b2, faulting module urlmon.dll, version 8.0.6001.23486, stamp 516dcdd1, debug? 0, fault address 0x000059e4. Error: (05/23/2013 11:56:10 PM) (Source: Application Error) (User: ) Description: Fehlgeschlagene Anwendung msiexec.exe, Version 4.5.6001.22159, fehlgeschlagenes Modul MSI2C7.tmp, Version 1.0.0.0, Fehleradresse 0x00015505. Das medienspezifische Ereignis für [msiexec.exe!ws!] wird verarbeitet. Error: (05/23/2013 11:48:31 PM) (Source: crypt32) (User: ) Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error: (05/23/2013 11:48:31 PM) (Source: crypt32) (User: ) Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . System errors: ============= Error: (05/30/2013 02:35:22 PM) (Source: DCOM) (User: CK) Description: Bei DCOM ist der Fehler "%%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (05/30/2013 02:30:21 PM) (Source: DCOM) (User: CK) Description: Bei DCOM ist der Fehler "%%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (05/30/2013 02:29:24 PM) (Source: DCOM) (User: CK) Description: Bei DCOM ist der Fehler "%%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (05/30/2013 02:23:26 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/30/2013 02:23:26 PM) (Source: Service Control Manager) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst auf Anwendungsebene. Error: (05/30/2013 02:20:03 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%2147500037 Error: (05/30/2013 02:20:03 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lxeeCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/30/2013 02:20:02 PM) (Source: Service Control Manager) (User: ) Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst lxeeCATSCustConnectService. Error: (05/30/2013 02:18:20 PM) (Source: Dhcp) (User: ) Description: Die IP-Adresslease 192.168.1.6 für die Netzwerkkarte mit der Netzwerkadresse 00A0D1256548 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error: (05/30/2013 01:29:09 AM) (Source: DCOM) (User: CK) Description: Bei DCOM ist der Fehler "%%1058" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office Sessions: ========================= Error: (05/27/2013 09:57:22 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38895 seconds with 1560 seconds of active time. This session ended with a crash. Error: (05/06/2013 10:35:11 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 50993 seconds with 840 seconds of active time. This session ended with a crash. Error: (03/09/2013 02:25:25 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/05/2013 10:23:48 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37439 seconds with 900 seconds of active time. This session ended with a crash. Error: (01/25/2013 01:37:27 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 542 seconds with 420 seconds of active time. This session ended with a crash. Error: (01/24/2013 00:14:04 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 7459 seconds with 240 seconds of active time. This session ended with a crash. Error: (01/21/2013 09:34:04 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 34139 seconds with 600 seconds of active time. This session ended with a crash. Error: (01/17/2013 11:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2841 seconds with 360 seconds of active time. This session ended with a crash. Error: (01/10/2013 00:20:29 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 53745 seconds with 480 seconds of active time. This session ended with a crash. Error: (01/09/2013 00:10:54 AM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 38859 seconds with 300 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Percentage of memory in use: 80% Total physical RAM: 1023.42 MB Available physical RAM: 196.43 MB Total Pagefile: 2463.79 MB Available Pagefile: 1695.78 MB Total Virtual: 2047.88 MB Available Virtual: 1950.57 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.33 GB) (Free:22.81 GB) NTFS ==>[Drive with boot components (Windows XP)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 75 GB) (Disk ID: 4F6DE2FA) Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=204 MB) - (Type=88) ==================== End Of Log ============================ Das ging wenigstens schnell! ;-) LG Claudia |
fehlt noch ein log :) |
Ähem, du wolltest 2 haben und ich habe 2 geschickt. Was genau meinst du denn mit "(#-Symbol im Eingabefenster der Webseite anklicken)"? Welches logfile fehlt denn? LG, Claudia |
wenn du unten in der Antwortbox # drückst kommen Code-Boxen, dazwischen das Logfile stecken. Du hast Additional.txt gepostet, FRST.txt fehlt noch. |
Aaaaaah, jetzt seh ichs. Sorry, ich bin ein Mädchen... ;-) Okay, dann hier jetzt nochmal das fehlende Log: Code: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-05-2013 LG Claudia |
Alle Zeitangaben in WEZ +1. Es ist jetzt 17:18 Uhr. |
Copyright ©2000-2024, Trojaner-Board