Ebenfalls Trojaner drauf, ABER CD Laufwerk NICHT vorhanden!

Chris4You · 26.01.2012, 10:00

Hi,

alle Rechner mit MAM überprüfen lassen...
Mit Umleitungen meine ich, dassDu z. b. bei suchergebnissesn aus Google erstmal auf andere Seiten umgeleitet wirst...

chris

Schakatak · 26.01.2012, 18:19

Alle Rechner geprüft. Alles soweit ok.

Keine Umleitungen.

Was mir aber auffiel, ist, dass hin und wieder einfach Popup Fenster blitzartig aufgehen und sofort wieder zu und weg sind sie. Sie werden auch nicht als geöffnetes Fenster in der Taskleiste abgebildet. Macht das dieses MAM?

Gruß

PS: Vorher musste ich diese WErbe POP UPS immer von Hand schließen.

Lieben Gruß Michael

Schakatak · 26.01.2012, 18:39

Zitat:

Zitat von Schakatak

Anderes Problem: Die Internetverbindungen über unseren Router (4 Laptops angeschlossen über WLAN) bricht seit einiger zeit häufig ab oder die Geshwindigkeit lässt zu wünschen übrig.

Kann es ein Virus oder Trojaner sein?

Wie könnten wir das prüfen?
Lieben Gruß Michael

Wärst du so freundlich und gehst bitte noch auf dieses hoffentlich kleine Problem ein. Das wäre echt nett.

Michael

Chris4You · 26.01.2012, 21:00

Hi,

die Popups tauchen auf dem Rechner auf, der bereinigt wurde?

ESET Online Scanner ESET

Anmerkung für Vista-User: Bitte den Browser unbedingt als Administrator starten.
Button "ESET Online Scanner" drücken.
Firefox-User müssen ein zusätzliches Addon (esetsmartinstaller_enu.exe) installieren.
Das Firefox-Addon auf dem Desktop speichern und dann installieren.
IE-User müssen das Installieren eines ActiveX Elements erlauben.
Einen Haken bei "Remove found threads" und "Scan archives" machen.
Start drücken.
Der Scan beginnt automatisch.
Finish drücken.
Browser schließen.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt suchen und mit Deinem Editor öffnen.
Logfile hier posten.

Du hast alle Rechner mit MAM überprüft?

Router resettet hast du schon, oder?

Dann würde ich alle Rechner ausschalten und nacheinander einschalten und versuchen festzustellen, ob einer identifiziert werden kann, bei dem das netzwerk anfängt zu spinnen...

Falls das auf anhieb nicht klappt:
TCPView auf jedem Rechner installieren und den Verkehr überwachen:

TCPView
Anzeige der vom Rechner aufgebauten Internetverbindungen mit Status, Zieladresse etc.
Lege ein Verzeichnis an, entpacke die Dateien in das Verzeichnis und starte dann die
tcpview.exe. Copyright und Co abnicken.
Das Log kann unter "File", "Save as.." abgespeichert werden, in den Editor laden
abkopieren und hier posten.
Download: Download
Anleitung: Sysinternals

chris

Schakatak · 27.01.2012, 07:27

Hi

Erstmal zur Verdeutlichung. Diese kommenden POPUPS, die sofort verschwinden, hatte ich sonst nicht beachtet. Vielleicht waren sie auch schon vorher da . Ich weiß es nicht. Manche POPUPs erzeugen auch ein neues Firefoxfenster. Dort ist dann WErbung, so von wegen Pokern und so. Die schließe ich immer händisch.

Sie erscheinen auf MEINEM Rechner, der auch mit Malwarebytes (MAM) untersucht worden ist. Alles sauber. Der REchner von meiner Tochter (der Infizierte) läuft rund.

Ich hoffe, MAM ist dieses Malwarebyteprogramm!?!

Router wurde NICHT resettet. Soll ich das jetzt nochmal machen?

Schakatak · 27.01.2012, 07:28

Zitat:

Zitat von Chris4You

Hi,

Dann würde ich alle Rechner ausschalten und nacheinander einschalten und versuchen festzustellen, ob einer identifiziert werden kann, bei dem das netzwerk anfängt zu spinnen...

chris

Wie stelle ich das denn nu wieder fest? *grins*

Chris4You · 27.01.2012, 14:02

Hi,

okay, TDSS-Killer auf Deinem Rechner ausführen und ein OTL-Log von dem Rechner posten...

Lasse Deinen Rechner mal aus dem Netzwerk und beobachte, ob es zu Zusammenbrüchen oder Performanceeinbußen kommt...

Resette den Router vorher...

Chris

Schakatak · 27.01.2012, 14:37

Hi Chris. Jetzt wirst du mir zu schnell.

Hinweis:Zusammenbrüche oder Performanceprobleme hatte ich offline nicht. Meine Performanceprobleme sind wohl normal, wenn man bedenkt, dass 4 Laptops gleichzeitig über WLAN ins Netz gehen, das leuchtet mir ein, aber es darf doch nicht zu Verbindungsabbrüchen kommen. Es geht zwar kurz danach weiter, aber diese Abbrüche nerven. ES MUSS NICHT ZWANGSLÄUFIG EIN VIRUS ODER TROJANER SEIN.

Vor deinem letzten Post hast du was von

ESET online Test

und

TCP View

geschrieben. Soll ich erst noch die Tipps oder sofort TDSS Killer und OTL ausführen?

Ich möchte nicht in der Reihenfolge durcheinander kommen.

Der jetzige Stand ist folgender:

ESET online Test und TCP View habe ich noch nicht gemacht.

So, was soll ich als nächstes durchführen?

Schakatak · 27.01.2012, 18:00

OTL

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\bPk0yiZRB98vWmQ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\bPk0yiZRB98vWmQ not found.
File C:\Users\Alina\AppData\Roaming\csrss.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Laptop Papa
->Temp folder emptied: 3312966 bytes
->Temporary Internet Files folder emptied: 1914917 bytes
->Java cache emptied: 28168637 bytes
->FireFox cache emptied: 53402012 bytes
->Flash cache emptied: 56983 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 563821 bytes
RecycleBin emptied: 7681 bytes
 
Total Files Cleaned = 83.00 mb
 

 
OTL by OldTimer - Version 3.2.31.0 log created on 01272012_175540

Files\Folders moved on Reboot...
File\Folder C:\windows\temp\TMP00000025C8FC4E5D417226E4 not found!

Registry entries deleted on Reboot...

TDSS Killer hat 0 founds.

Was ist jetzt zu tun?

Ich habe noch nichts aus Antwort 19 gemacht. Ist es jetzt nötig?

Chris4You · 28.01.2012, 19:57

Hi,

auf dem Rechner mit den PopUps Eset durchführen (Post 19).
Mit welchem Browser arbeitest Du auf diesem Rechner (IE, FireFox, ???).

Mit Abbrüchen meinst Du das einfrieren der Verbindung (kurzzeitig geht die Übertragungsrate auf 0 oder komplett weg und z. B. download neu anschmeißen?

chris

Schakatak · 29.01.2012, 10:33

Ok ESET führe ich durch.

Icha rbeite mit Firefox.

Mit Abbrüchen meine ich folgendes:

Ich bin z.B. im Internet unterwegs. Meine Frau und meine beiden Kinder auch.

Unten in der Taskleiste im ganz rechtsseitigen Bereich befindet sich die "Verbindungstreppe" unseres Routers (DLink). Diese zeigt an, OB eine Verbindung besteht oder nicht.

Es kommt hin und wieder vor, dass die Treppe "keine Verbindung" meldet. Ohne etwas zu tun, wird die Verbindung meistens wieder hergestellt.

Und wenn wir alle "Drin" sind, ist die Geschwindigkeit langsam, was für mich auf Grund der Nutzer verständlich ist. Aber ich kann mir die kurzzeitigen Abbrüche nicht erklären.

Alle Rechner frieren in diesem Zustand NICHT ein. Jeder kann dann normal weiterarbeiten, aber eben nicht im Internet. Auch die Performance MEINES Rechners bei einer solchen Ungterbrechtung der Verbindung leidet NICHT.

ESET füre ich JETZT durch und ich melde mich dann.

Vielen Dank Chris

Schakatak · 29.01.2012, 14:40

0 found: Hier der Log

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b049e41478e37a42bd55ed1812981294
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-01-29 12:58:15
# local_time=2012-01-29 01:58:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 9235511 9235511 0 0
# compatibility_mode=5893 16776573 100 94 151213 79461731 0 0
# compatibility_mode=8192 67108863 100 0 3769 3769 0 0
# scanned=194708
# found=0
# cleaned=0
# scan_time=11354

Ich denke, wir wären durch. Oder hast du noch einen Vorschlag?

Gruß Michael

Chris4You · 30.01.2012, 12:28

Hi,

du kannst probieren ob die Popups verschwinden, wenn Du NoScript und WOT als Pluigins bei Firefox verwendest...

Ansonsten wäre wir durch...

Wenn Du Zeit hast poste nochmal ein OTL-Log von Deinem Rechner (du hattest damals den Fix laufen lassen... ;o)...

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)

Poste die Logfiles hier in den Thread

chris

Schakatak · 30.01.2012, 14:02

Hi Chris

Ich bin Dank dir ja FAST Profi. Aber jetzt überforderst du mich doch ein wenig. Wie meinst du,,,,, Pulinns noscript oder WOT verwendest....

Danach googlen und dann als Plugin einbinden?

Code:

ATTFilter

OTL logfile created on: 1/30/2012 2:11:41 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Laptop Papa\Downloads\Trojaner
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 54.87% Memory free
5.93 Gb Paging File | 4.61 Gb Available in Paging File | 77.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.72 Gb Total Space | 91.98 Gb Free Space | 61.85% Space Free | Partition Type: NTFS
Drive D: | 301.95 Gb Total Space | 159.62 Gb Free Space | 52.86% Space Free | Partition Type: NTFS
Drive E: | 3.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: LAPTOPPAPA-PC | User Name: Laptop Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Laptop Papa\Downloads\Trojaner\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Synology Data Replicator  3\SynoDrService.exe ()
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Iris.Mapi.MessageSt#\a3f149cc41f01ea355bfd6002a0d0b81\Iris.Mapi.MessageStore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\BusinessLayer\bc9c845ea9353021378308e1c755c02b\BusinessLayer.ni.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.BusinessS#\2615f3b70244116a41336d06746c89b4\Microsoft.BusinessSolutions.eCRM.DataSync.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.In#\7a938c74567a4d911908009c35358777\Microsoft.Office.Interop.Outlook.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\1b4ee5f72049eb671c422b5c83896117\Microsoft.Interop.Mapi.Impl.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\bad645e10037a53cb4a78932b6f39005\Microsoft.Interop.Mapi.PropTags.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\BCMRes\73c29ccf6a763156229de9d6c0aeef31\BCMRes.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\office\1afafeb102463e853246f2297e679944\office.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\BCMCommon\df78f68a3d201582605031b26d39b5b8\BCMCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Interop.M#\0ab3f1e3838ae7cecbc5258398a4d296\Microsoft.Interop.Mapi.Interfaces.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll ()
MOD - C:\windows\assembly\GAC_32\Microsoft.BusinessSolutions.eCRM.OutlookAddIn\3.0.0.0__31bf3856ad364e35\Microsoft.BusinessSolutions.eCRM.OutlookAddIn.dll ()
MOD - C:\windows\assembly\GAC_32\BCMCommon\3.0.0.0__31bf3856ad364e35\BCMCommon.dll ()
MOD - C:\windows\assembly\GAC_32\Microsoft.Interop.Mapi.Impl\3.0.0.0__31bf3856ad364e35\Microsoft.Interop.Mapi.Impl.dll ()
MOD - C:\Program Files\Microsoft Small Business\Business Contact Manager\de-DE\BCMRes.resources.dll ()
MOD - C:\Program Files\Microsoft Small Business\Business Contact Manager\de-DE\Microsoft.Interop.Mapi.Interfaces.resources.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vspdfdialogs100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\expertpdf4core.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vspdfcore100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vsvector100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vspdfeditor100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\TMSlite100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\te100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\VirtualTree100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\uoolep100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\VSDesktop100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\visage100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\vsmisc100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\PKIECtrl100.bpl ()
MOD - C:\Program Files\Visagesoft\eXPert PDF\sqlite.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SynoDrService) -- C:\Program Files\Synology Data Replicator  3\SynoDrService.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH)
DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2012/01/15 11:25:03 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/02 09:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/13 18:52:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/22 09:59:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/02 09:16:40 | 000,000,000 | ---D | M]
 
[2009/12/21 19:49:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop Papa\AppData\Roaming\mozilla\Extensions
[2011/12/24 13:03:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop Papa\AppData\Roaming\mozilla\Firefox\Profiles\x5gcfm2n.default\extensions
[2011/11/23 18:45:38 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Laptop Papa\AppData\Roaming\mozilla\Firefox\Profiles\x5gcfm2n.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/12/24 13:03:57 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Laptop Papa\AppData\Roaming\mozilla\Firefox\Profiles\x5gcfm2n.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/11/21 09:28:51 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Laptop Papa\AppData\Roaming\mozilla\Firefox\Profiles\x5gcfm2n.default\extensions\DeviceDetection@logitech.com
[2012/01/14 15:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
() (No name found) -- C:\USERS\LAPTOP PAPA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X5GCFM2N.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/01/13 18:52:59 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/02/22 16:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2012/01/13 18:52:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/01/13 18:52:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/13 18:52:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/01/13 18:52:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/01/13 18:52:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/01/13 18:52:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - Startup: C:\Users\Laptop Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Laptop Papa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Preispiraten 2.1.2 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - C:\Program Files\Preispiraten\Preispiraten2\preispiraten2ie.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1DFAB547-85C8-41E6-90AD-5DB35FFA349F}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/22 16:23:16 | 001,196,032 | R--- | M] () - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006/09/22 16:23:07 | 000,000,108 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a4b19c11-95c2-11e0-8bac-0a607657dfcb}\Shell - "" = AutoRun
O33 - MountPoints2\{a4b19c11-95c2-11e0-8bac-0a607657dfcb}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{c4b4d030-b540-11de-b49f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c4b4d030-b540-11de-b49f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2006/09/22 16:23:16 | 001,196,032 | R--- | M] ()
O33 - MountPoints2\{c4b4d030-b540-11de-b49f-806e6f6e6963}\Shell\install\command - "" = E:\autorun.exe -- [2006/09/22 16:23:16 | 001,196,032 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/30 13:24:06 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\Desktop\Forum
[2012/01/29 15:37:31 | 000,000,000 | R--D | C] -- C:\Users\Laptop Papa\Documents\Scanned Documents
[2012/01/29 15:37:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\Documents\Fax
[2012/01/29 10:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/27 17:55:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/26 18:13:20 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2012/01/26 18:13:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2012/01/24 10:46:13 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\AppData\Roaming\Malwarebytes
[2012/01/24 10:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/24 10:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/24 10:46:05 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/01/24 10:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/18 11:11:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\AppData\Roaming\BBBS_ActivityCalendar
[2012/01/15 11:28:26 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\AppData\Local\assembly
[2012/01/15 11:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Earth 3D
[2012/01/11 11:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012/01/11 09:43:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2012/01/11 09:43:46 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2012/01/11 09:43:45 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2012/01/01 11:19:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop Papa\AppData\Roaming\CalculatedFieldsPlugin
[2011/12/31 16:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zone Five Software
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/30 13:37:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/30 12:58:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/01/30 10:23:36 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/29 15:41:01 | 000,081,006 | ---- | M] () -- C:\Users\Laptop Papa\Documents\http___web.bbs-winsen.de_index.php_eID=tx_nawsecuredl&u=0&file=fileadmin_user_upload_Bildungsangebote_Schulformen_BFS_2Jahr_Form_Anmeld_2j_BFS_berufqu.pdf
[2012/01/29 14:38:00 | 000,001,022 | ---- | M] () -- C:\windows\tasks\Google Software Updater.job
[2012/01/28 09:20:37 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/28 09:20:37 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/28 09:12:13 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/26 18:35:44 | 000,714,880 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/01/26 18:35:44 | 000,665,854 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/01/26 18:35:44 | 000,154,776 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/01/26 18:35:44 | 000,124,988 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/01/26 18:32:13 | 000,002,076 | ---- | M] () -- C:\Users\Laptop Papa\Desktop\WebUpdater.lnk
[2012/01/24 10:46:07 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/01/18 12:27:18 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\0000055F.LCS
[2012/01/11 11:12:53 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2012/01/01 21:56:10 | 000,000,298 | ---- | M] () -- C:\windows\tasks\Synology Data Replicator 3-LaptopPapa-PC-Laptop Papa.job
[2011/12/31 16:22:22 | 000,002,126 | ---- | M] () -- C:\Users\Laptop Papa\Desktop\SportTracks 3.1.lnk
 
========== Files Created - No Company Name ==========
 
[2012/01/29 20:03:13 | 000,859,619 | ---- | C] () -- C:\Users\Laptop Papa\Desktop\Scannen0015.jpg
[2012/01/29 15:40:01 | 000,081,006 | ---- | C] () -- C:\Users\Laptop Papa\Documents\http___web.bbs-winsen.de_index.php_eID=tx_nawsecuredl&u=0&file=fileadmin_user_upload_Bildungsangebote_Schulformen_BFS_2Jahr_Form_Anmeld_2j_BFS_berufqu.pdf
[2012/01/26 18:32:13 | 000,002,076 | ---- | C] () -- C:\Users\Laptop Papa\Desktop\WebUpdater.lnk
[2012/01/24 10:46:07 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/01/15 11:25:04 | 000,001,992 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Maps 3D.lnk
[2011/12/31 16:22:22 | 000,002,126 | ---- | C] () -- C:\Users\Laptop Papa\Desktop\SportTracks 3.1.lnk
[2011/04/20 16:45:09 | 000,446,464 | ---- | C] () -- C:\windows\System32\Tx32.dll
[2011/04/20 16:45:09 | 000,016,070 | ---- | C] () -- C:\windows\German2.ini
[2011/04/20 16:45:09 | 000,000,151 | ---- | C] () -- C:\windows\System32\ic32.ini
[2010/12/27 20:09:23 | 000,002,560 | ---- | C] () -- C:\windows\_MSRSTRT.EXE
[2010/12/27 19:54:37 | 000,003,584 | ---- | C] () -- C:\Users\Laptop Papa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/16 08:54:48 | 000,008,746 | -HS- | C] () -- C:\Users\Laptop Papa\AppData\Local\opRSK
[2010/11/03 15:09:12 | 000,120,200 | ---- | C] () -- C:\windows\System32\DLLDEV32i.dll
[2010/11/03 15:08:54 | 000,007,119 | ---- | C] () -- C:\windows\mgxoschk.ini
[2010/08/17 16:09:29 | 000,000,072 | ---- | C] () -- C:\windows\EurekaLog.ini
[2010/06/24 13:24:42 | 000,159,744 | ---- | C] () -- C:\windows\System32\GBGraphics.dll
[2010/05/08 10:56:10 | 000,000,162 | ---- | C] () -- C:\Users\Laptop Papa\AppData\Roaming\.ptbt1
[2010/03/09 19:31:27 | 001,868,868 | ---- | C] () -- C:\windows\System32\RSA32_16.DLL
[2010/03/02 09:16:17 | 000,023,689 | ---- | C] () -- C:\windows\hpqins15.dat
[2010/01/26 10:55:37 | 000,014,336 | ---- | C] () -- C:\windows\System32\vsmon1.dll
[2010/01/16 18:15:04 | 000,073,728 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2010/01/10 10:22:47 | 000,320,000 | ---- | C] () -- C:\windows\System32\roboex32.dll
[2010/01/10 10:22:36 | 000,000,712 | RH-- | C] () -- C:\windows\System32\ttri.dat
[2010/01/02 17:04:10 | 000,015,873 | ---- | C] () -- C:\windows\System32\Inetde.dll
[2009/12/23 12:30:13 | 000,281,760 | ---- | C] () -- C:\windows\System32\drivers\atksgt.sys
[2009/12/23 12:30:04 | 000,025,888 | ---- | C] () -- C:\windows\System32\drivers\lirsgt.sys
[2009/12/22 10:23:35 | 000,226,514 | ---- | C] () -- C:\windows\hpoins18.dat
[2009/12/22 10:23:35 | 000,005,355 | ---- | C] () -- C:\windows\hpomdl18.dat
[2009/12/08 20:56:24 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2009/12/08 20:40:56 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/09/22 23:05:23 | 000,714,880 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009/09/22 23:05:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009/09/22 23:05:23 | 000,154,776 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009/09/22 23:05:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009/09/22 06:45:54 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 05:33:53 | 001,790,112 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,665,854 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,124,988 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 23:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 23:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 23:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 23:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2008/07/09 17:23:54 | 000,024,376 | ---- | C] () -- C:\windows\System32\TALDM32A.dll
[2008/07/09 17:23:52 | 000,052,536 | ---- | C] () -- C:\windows\System32\TAL12832.DLL
[2008/07/09 17:23:52 | 000,022,832 | ---- | C] () -- C:\windows\System32\TALDM32.DLL
[2008/07/09 17:23:10 | 000,042,296 | ---- | C] () -- C:\windows\System32\SBSPAINT.DLL
[2008/07/09 17:23:08 | 000,255,288 | ---- | C] () -- C:\windows\System32\SBSPAIN3.DLL
[2008/07/09 17:23:06 | 000,050,488 | ---- | C] () -- C:\windows\System32\SBSPAIN2.DLL
[2008/07/09 17:22:28 | 000,075,576 | ---- | C] () -- C:\windows\System32\ENCODE32.DLL
[2008/01/15 03:31:00 | 000,000,530 | ---- | C] () -- C:\windows\System32\tx14_ic.ini
[2001/04/01 07:00:00 | 000,013,778 | ---- | C] () -- C:\windows\System32\SELF32.INI

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 1/30/2012 2:11:41 PM - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Laptop Papa\Downloads\Trojaner
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.97 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 54.87% Memory free
5.93 Gb Paging File | 4.61 Gb Available in Paging File | 77.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.72 Gb Total Space | 91.98 Gb Free Space | 61.85% Space Free | Partition Type: NTFS
Drive D: | 301.95 Gb Total Space | 159.62 Gb Free Space | 52.86% Space Free | Partition Type: NTFS
Drive E: | 3.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: LAPTOPPAPA-PC | User Name: Laptop Papa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{13BD3885-C7E7-421A-82F1-A0A868579730}" = Preispiraten 2.1.2
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 29
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2DFAC810-6DD8-4E23-96A4-BEB118408203}" = Mask Pro 4.1
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5943B7F7-678B-477E-9AEE-6E4C6962322B}" = Sparwelt.de Gutschein Alarm
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D2D289F-007D-419C-871C-B8555B1ACB0B}" = Garmin BaseCamp Beta
"{6D80B6D8-C7FC-C635-B3D2-1DFE9BEE890D}" = TiltShiftGenerator: artandmobile.com
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{74E69F8A-BCBB-4A0A-9361-32225755D8C3}" = Garmin BaseCamp
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}" = Elf Bowling Hawaiian Vacation
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator  3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9036076A-1473-48A2-AB08-6C765754DCF1}" = SportTracks 3.1
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}" = Mobipocket Creator 4.2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA2F05A3-080A-4371-AAC1-F15404605982}" = Microsoft Camera Codec Pack
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCB71FF8-DE82-469C-8641-44378F4443EB}" = Garmin WebUpdater
"{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU 
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 1.95
"{EA1641E2-B005-4E24-96A3-43866A4C6935}_is1" = 1click Fotorahmen
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU 
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"aio-dach" = aio-dach
"Aleo 3D Flash Slideshow Creator_is1" = Aleo 3D Flash Slideshow Creator 1.8
"Artensoft Photo Mosaic Wizard_is1" = Artensoft Photo Mosaic Wizard
"Ashampoo Photo Optimizer 2_is1" = Ashampoo Photo Optimizer 2.01
"Avira AntiVir Desktop" = Avira Free Antivirus
"Biet-O-Matic v2.1.00" = Biet-O-Matic v2.1.00
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CSCLIB" = Canon Camera Support Core Library
"DPP" = Canon Utilities Digital Photo Professional 3.9
"ElsterFormular  ***unknown variable buildnummer***" = ElsterFormular 
"EOS Utility" = Canon Utilities EOS Utility
"Equipment Plugin V3_is1" = Equipment Plugin V3
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Image Viewer" = FastStone Image Viewer 4.3
"FileZilla Client" = FileZilla Client 3.5.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Freelancer 1.0" = Freelancer
"Freizeitkarte_Deutschland" = Freizeitkarte_Deutschland (Ausgabe 12.01)
"Google Updater" = Google Updater
"GPS2PowerTrack Plugin_is1" = GPS2PowerTrack Plugin
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"LANGMaster eduExplorer" = LANGMaster eduExplorer
"MAGIX Xtreme Druck Center D" = MAGIX Xtreme Druck Center 5.0.0.7399 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Neat Image_is1" = Neat Image v5.0 Pro+
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.3c
"PhotomatixPro4.0x32_is1" = Photomatix Pro version 4.0.2
"PhotoResampling_is1" = PhotoResampling 9.2
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Portrait Professional Studio 8_is1" = Portrait Professional Studio 8.1
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"sd7e60d6fb575dea21c09236409da77e26_is1" = Secure Diary 2.1
"ShiftN_is1" = ShiftN 2.7.1
"Shop for HP Supplies" = Shop for HP Supplies
"Synology Assistant" = Synology Assistant (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1" = TiltShiftGenerator: artandmobile.com
"tintii" = indii.org/tintii
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"virtualPhotographer_is1" = virtualPhotographer 1.5.6
"VLC media player" = VLC media player 1.0.2
"Weather Plugin V3_is1" = Weather Plugin V3
"web2date" = DATA BECKER shop to date 5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"Wondershare Photo Collage Studio_is1" = Wondershare Photo Collage Studio 4.2.9.2
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 1/28/2012 4:17:36 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 1/28/2012 4:17:36 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 1024
Description = 
 
Error - 1/28/2012 4:47:50 AM | Computer Name = LaptopPapa-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CALMAIN.exe, Version: 8.1.0.14, Zeitstempel:
 0x433d11f9  Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7600.16385, Zeitstempel:
 0x4a5bda6f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00009966  ID des fehlerhaften Prozesses:
 0xdf8  Startzeit der fehlerhaften Anwendung: 0x01ccdd94a1d990e3  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Canon\CAL\CALMAIN.exe  Pfad des fehlerhaften Moduls: 
C:\windows\system32\msvcrt.dll  Berichtskennung: c1d9c8f4-498c-11e1-a4c7-0a607657dfcb
 
Error - 1/29/2012 5:21:22 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 1/29/2012 5:21:22 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 1024
Description = 
 
Error - 1/29/2012 9:17:47 AM | Computer Name = LaptopPapa-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 1/29/2012 9:18:29 AM | Computer Name = LaptopPapa-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 1/29/2012 2:00:03 PM | Computer Name = LaptopPapa-PC | Source = Windows Backup | ID = 4103
Description = 
 
Error - 1/30/2012 5:12:54 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 1/30/2012 5:12:54 AM | Computer Name = LaptopPapa-PC | Source = MsiInstaller | ID = 1024
Description = 
 
[ System Events ]
Error - 1/26/2012 5:04:07 PM | Computer Name = LaptopPapa-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint
 2007 (KB2596764)
 
Error - 1/27/2012 12:55:40 PM | Computer Name = LaptopPapa-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 1/27/2012 1:10:02 PM | Computer Name = LaptopPapa-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 1/27/2012 1:13:37 PM | Computer Name = LaptopPapa-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Update" wurde mit folgendem Fehler beendet:   %%-2147467243
 
Error - 1/28/2012 4:17:46 AM | Computer Name = LaptopPapa-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint
 2007 (KB2596764)
 
Error - 1/28/2012 4:47:51 AM | Computer Name = LaptopPapa-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Canon Camera Access Library 8" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 1/29/2012 5:20:54 AM | Computer Name = LaptopPapa-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Wlansvc erreicht.
 
Error - 1/29/2012 5:21:04 AM | Computer Name = LaptopPapa-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{1DFAB547-85C8-41E6-90AD-5DB35FFA349F} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 1/29/2012 5:21:42 AM | Computer Name = LaptopPapa-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint
 2007 (KB2596764)
 
Error - 1/30/2012 5:13:26 AM | Computer Name = LaptopPapa-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint
 2007 (KB2596764)
 
 
< End of report >

Chris4You · 30.01.2012, 17:04

Hi,

die Logs schaue ich mir heute Abend an...
WebOfTrust, NoScript.
Bei NoScript werden einige Seiten nicht mehr richtig angezeigt werden (weil sie z. B. JavaScript verwenden und nicht auf der positivliste stehen), die dann über das Menü von NoScript zulassen (temporär oder für immer wenn Du Dir sicher bist, dass die Seite OK ist)... aber das wirst Du sehen...

chris

Ebenfalls Trojaner drauf, ABER CD Laufwerk NICHT vorhanden!

Plagegeister aller Art und deren Bekämpfung: Ebenfalls Trojaner drauf, ABER CD Laufwerk NICHT vorhanden!