| |
| |||||||
Log-Analyse und Auswertung: Firefox bereitet Probleme, Malware vermutetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.06.2012, 22:27
| #1 |
  |  Firefox bereitet Probleme, Malware vermutet Windows 7, SP1 , Prof, 64 bit, Updates aktuell Firefox ESR 10.0.5 , aktuell Ich habe Probleme mit dem Firefox, er friert bei manchen Anwendungen ein und beim abschalten erscheint der Absturzmelder. Im Forum Camp-Firefox hat man jetzt auch einen Malware-Verdacht geäußert, deshalb möchte ich euch hier mal um Rat fragen. Beim Defogger habe ich nur folgendes Log bekommen, aber da stimmt wohl was nicht, oder?? Wollte ohne Nachfrage nicht noch mal aufrufen. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:09 on 14/06/2012 (Uwe)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter OTL logfile created on: 14.06.2012 23:10:43 - Run 1 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Uwe\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 56,43% Memory free 7,99 Gb Paging File | 6,00 Gb Available in Paging File | 75,04% Paging File free Paging file location(s): h:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,24 Gb Total Space | 76,91 Gb Free Space | 64,50% Space Free | Partition Type: NTFS Drive D: | 100,00 Mb Total Space | 70,29 Mb Free Space | 70,29% Space Free | Partition Type: NTFS Drive E: | 465,66 Gb Total Space | 461,56 Gb Free Space | 99,12% Space Free | Partition Type: NTFS Drive G: | 111,76 Gb Total Space | 23,54 Gb Free Space | 21,06% Space Free | Partition Type: FAT32 Drive H: | 465,76 Gb Total Space | 412,41 Gb Free Space | 88,55% Space Free | Partition Type: NTFS Drive I: | 463,87 Gb Total Space | 357,96 Gb Free Space | 77,17% Space Free | Partition Type: NTFS Drive J: | 463,87 Gb Total Space | 443,80 Gb Free Space | 95,67% Space Free | Partition Type: NTFS Drive K: | 463,87 Gb Total Space | 463,77 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive L: | 471,41 Gb Total Space | 206,13 Gb Free Space | 43,73% Space Free | Partition Type: NTFS Drive N: | 7,39 Gb Total Space | 7,34 Gb Free Space | 99,38% Space Free | Partition Type: FAT32 Computer Name: UWESEIN-PC | User Name: Uwe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.14 23:04:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Uwe\Desktop\OTL.exe PRC - [2012.06.14 23:02:36 | 000,050,477 | ---- | M] () -- C:\Users\Uwe\Desktop\Defogger.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.23 12:40:40 | 002,886,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011.12.23 18:26:44 | 000,347,792 | ---- | M] (Expert System S.p.A.) -- C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe PRC - [2011.11.25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2011.10.14 08:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2011.07.01 11:27:00 | 010,200,240 | ---- | M] (Bibliographisches Institut GmbH) -- C:\Program Files (x86)\Duden\Duden-Bibliothek\dudenbib.exe PRC - [2010.08.04 23:19:14 | 000,799,552 | ---- | M] (Interactive Brands Inc.) -- C:\Program Files (x86)\PDF Suite 2010\ConversionService.exe PRC - [2010.03.08 10:38:42 | 000,517,416 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe PRC - [2009.09.24 11:11:36 | 000,200,704 | R--- | M] () -- C:\Windows\SysWOW64\HsMgr.exe PRC - [2009.04.27 16:20:46 | 000,074,408 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe PRC - [2009.04.27 16:19:38 | 000,058,024 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files (x86)\Lexmark 1200 Series\lxczbmon.exe PRC - [2007.01.05 13:37:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\Windows\VM305_STI.EXE ========== Modules (No Company Name) ========== MOD - [2012.06.14 23:02:36 | 000,050,477 | ---- | M] () -- C:\Users\Uwe\Desktop\Defogger.exe MOD - [2012.05.13 12:33:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012.05.13 12:33:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.13 12:33:50 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll MOD - [2012.05.13 12:33:19 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.13 12:33:16 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.13 12:33:11 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.04.24 00:35:09 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2012.03.22 00:32:36 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2011.10.05 11:32:28 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\MBControls.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.11.05 03:57:46 | 000,610,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll MOD - [2009.09.24 11:11:36 | 000,200,704 | R--- | M] () -- C:\Windows\SysWOW64\HsMgr.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.04.05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2007.04.19 16:43:56 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxczcoms.exe -- (lxcz_device) SRV - [2012.06.11 12:25:54 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.02.23 12:40:40 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.11.25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86) SRV - [2011.10.14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2011.10.14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.08.04 23:19:14 | 000,799,552 | ---- | M] (Interactive Brands Inc.) [Auto | Running] -- C:\Program Files (x86)\PDF Suite 2010\ConversionService.exe -- (PDF Suite 2010 Service) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.08 10:38:42 | 000,517,416 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.04.19 16:43:42 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxczcoms.exe -- (lxcz_device) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.30 22:32:32 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.08 21:04:51 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.12.13 19:44:16 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2011.12.12 22:52:44 | 000,082,048 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2011.12.12 22:52:44 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2011.07.13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:64bit: - [2011.07.13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2011.03.04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:64bit: - [2011.03.04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.11.02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.09.24 11:12:28 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2007.03.08 13:03:58 | 001,541,120 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbVM305.sys -- (ZSMC0305) DRV:64bit: - [2007.02.02 14:47:18 | 000,300,800 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vvftav.sys -- (vvftav) DRV - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1) DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8E D2 E7 8E 7C 08 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGNI_deES476 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 122.225.68.125:8181 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google.de" FF - prefs.js..browser.search.defaultenginename: "Google.de" FF - prefs.js..browser.search.order.1: "Google.de" FF - prefs.js..browser.search.order.2: "Google" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rlz=1R0GGLL_de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: {c666c018-6409-4479-afa3-68e4129e7eff}:1.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556 FF - prefs.js..extensions.enabledItems: FFPDFConverter@ib.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://www.google.de/search?q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.05.03 15:03:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.05.03 15:03:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.05.03 15:03:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFConverter@ib.com: C:\Program Files (x86)\PDF Suite 2010\firefoxextension [2012.03.08 23:02:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.05 22:16:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.05.24 18:21:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.03.08 20:52:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uwe\AppData\Roaming\mozilla\Extensions [2012.06.14 18:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions [2012.04.08 00:27:28 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2012.03.08 21:38:05 | 000,000,000 | ---D | M] (Clippings) -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271} [2012.05.18 11:38:00 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012.03.08 21:38:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.03.14 23:22:02 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Uwe\AppData\Roaming\mozilla\Firefox\Profiles\vt4hwcmr.default\extensions\firefox@ghostery.com [2011.07.26 19:19:58 | 000,002,333 | ---- | M] () -- C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\vt4hwcmr.default\searchplugins\askcom.xml [2011.09.21 22:48:14 | 000,001,708 | ---- | M] () -- C:\Users\Uwe\AppData\Roaming\Mozilla\Firefox\Profiles\vt4hwcmr.default\searchplugins\es-fcil-verbos-espaoles.xml [2012.03.08 20:52:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.03.08 23:02:00 | 000,000,000 | ---D | M] (PDF Suite Converter For Firefox) -- C:\PROGRAM FILES (X86)\PDF SUITE 2010\FIREFOXEXTENSION [2011.11.02 14:38:26 | 000,007,532 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\{27C60876-B5C9-4335-B4F3-52B26782220C}.XPI [2012.03.01 16:59:24 | 000,033,619 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\{578E7CAA-210F-4967-A0D3-88FE5B59A39F}.XPI [2012.06.12 22:53:01 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2012.06.05 22:16:37 | 000,061,219 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI [2012.03.20 15:24:07 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.02.24 12:50:42 | 000,164,722 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\COMPATIBILITY@ADDONS.MOZILLA.ORG.XPI [2011.10.18 13:38:40 | 000,174,405 | ---- | M] () (No name found) -- C:\USERS\UWE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VT4HWCMR.DEFAULT\EXTENSIONS\GUICONFIG@SLOSD.NET.XPI [2012.06.05 22:16:29 | 000,134,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.02.17 00:16:01 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.17 00:01:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.17 00:16:01 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.17 00:16:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.17 00:16:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.17 00:16:01 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (PDF Suite Helper) - {1AD61D5B-58A3-4592-9B34-DC84688FF805} - C:\Program Files (x86)\PDF Suite 2010\PDFIEHelper.dll (Interactive Brands Inc.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No CLSID value found. O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (PDF Suite Toolbar) - {261F6A8B-7AAF-4BF5-8552-6610F4D67819} - C:\Program Files (x86)\PDF Suite 2010\PDFIEPlugin.dll (Interactive Brands Inc.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Cmaudio8768GX] C:\Windows\syswow64\HsMgr.exe () O4:64bit: - HKLM..\Run: [Cmaudio8768GX64] C:\Windows\system\HsMgr64.exe () O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation) O4:64bit: - HKLM..\Run: [lxczbmgr.exe] C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BigDog305] C:\Windows\VM305_STI.EXE (Vimicro) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe (Expert System S.p.A.) O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Uwe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Uwe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.58.61.250 80.58.61.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC37A775-B021-4B1D-9B36-3B956399D880}: DhcpNameServer = 80.58.61.250 80.58.61.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.03.11 16:42:21 | 000,024,064 | ---- | M] () - H:\Autorización General.doc -- [ NTFS ] O32 - AutoRun File - [2012.03.11 16:42:21 | 000,024,064 | ---- | M] () - K:\Autorización General.doc -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.14 23:04:24 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Uwe\Desktop\OTL.exe [2012.06.14 11:49:57 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{3E78D47E-D9CB-4BBA-ACA2-ECE2358CE516} [2012.06.14 11:49:46 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{86A7DD94-3ED0-4935-B20C-60D59E70CC26} [2012.06.14 00:28:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.06.14 00:28:16 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.06.14 00:28:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.06.14 00:28:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.06.14 00:28:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.06.14 00:28:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.06.14 00:28:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.06.14 00:28:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.06.14 00:28:13 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.06.14 00:28:13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.06.14 00:28:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.06.14 00:28:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.06.14 00:28:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.06.14 00:27:48 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.06.14 00:27:48 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.06.13 23:49:20 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{23F31114-A9AA-478F-B859-F0651C8CE4D4} [2012.06.13 23:49:01 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{08530354-52EB-478E-B734-ABC52C6DFF5F} [2012.06.13 11:53:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.06.13 11:53:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.06.13 11:53:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.06.13 11:53:22 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.06.13 11:53:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.06.13 11:53:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.06.13 11:53:18 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.06.13 11:53:17 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.06.13 11:53:16 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.06.13 11:48:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{4D0B9842-01B5-445E-91D8-6AD89584C993} [2012.06.13 11:48:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{CD76F96E-9F1C-4450-A4BB-DEAB07D201BE} [2012.06.12 12:17:30 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{BAA207AA-18FC-490E-8104-8ACDCB97DF36} [2012.06.12 12:17:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{F5D6B93B-8843-4240-96F7-4EA9FACC7DBB} [2012.06.11 12:19:50 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{E7930114-0DFF-47A9-8CFE-7A77ADAE4D15} [2012.06.11 12:19:39 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{17FF7C19-F40F-47DA-8442-3C2EA870B458} [2012.06.10 12:18:36 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{01537576-B0CE-4F53-9E5F-3D0D9C5519F6} [2012.06.10 12:18:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{C597DB50-028A-4C55-9B02-566C775ED488} [2012.06.09 12:12:51 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\Macromedia [2012.06.09 12:11:52 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{0D82F97B-7E01-4C3D-A86E-D6D4844125F1} [2012.06.09 12:11:40 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{42C6AAB9-9D64-4DBE-B88F-37315E0F725E} [2012.06.08 23:14:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{8857EE90-F9DB-4CAC-88B7-B4AC43F3ACE6} [2012.06.08 11:14:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{B4E0F331-58D8-43BD-BB30-80B690335C7F} [2012.06.08 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{65975ED1-C1E2-4863-B06C-D9294A4791EE} [2012.06.07 23:13:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{EDF5357C-95ED-465C-84A8-8B9AE4EA4BE0} [2012.06.07 11:13:13 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{9B9AD720-A6BD-4A6C-9D95-D39235636A6E} [2012.06.07 11:13:02 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{BB8D7582-995B-4A59-B271-D4EDC7F70E5F} [2012.06.06 21:50:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{A90DB73E-954E-458B-A692-E3A0F3E38508} [2012.06.06 21:50:04 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{7DC339BD-0E00-439A-8551-B73BAC28AB80} [2012.06.06 09:49:40 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{4D276867-40BB-44B5-9B4A-ED2E022A92F9} [2012.06.06 09:49:28 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{4DEEE0E2-F253-433E-A308-E889FB2A987C} [2012.06.05 12:25:31 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{E347CED8-1EFA-47FD-9F1A-CA6ED2FF6E00} [2012.06.05 12:25:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{D894CE7A-6263-40FC-A315-60D45978659A} [2012.06.04 13:11:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{5E8B2774-1AF0-4CD6-BBF9-1C0103170000} [2012.06.04 13:11:05 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{A248590B-FAE7-4FD1-AC60-25C480CECB3D} [2012.06.03 12:12:55 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{9FAF76CE-4BD3-472E-A38B-63AACD3874C8} [2012.06.03 12:12:44 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{8CC12D50-8AA7-42AD-AA0A-FEDB4AFD55F2} [2012.06.02 12:16:50 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{175E944F-9998-4841-B172-159F53D6DF02} [2012.06.02 12:16:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{88E4EC9E-55C8-4115-A293-418124930BA7} [2012.06.01 12:14:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{55BB213E-75E4-455C-8042-2CB0063C59C9} [2012.06.01 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{3B2311DF-2F9A-4FE5-8A09-ADEA31F5CC12} [2012.05.31 12:16:17 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{F2AB7E07-0A97-4FF5-9458-D2D9B5C0898B} [2012.05.31 12:16:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{1DB292CD-DC0E-4398-BA77-531783999748} [2012.05.31 00:15:29 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{7B1E8537-8510-4B1D-B3AD-00B8AA080A13} [2012.05.31 00:15:18 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{A8CCAA14-969D-43A3-B41C-3FEDDFAEC571} [2012.05.30 22:34:57 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Roaming\TrueCrypt [2012.05.30 22:32:32 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2012.05.30 22:32:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt [2012.05.30 22:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt [2012.05.30 12:15:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{FD31B5E2-C99E-44E4-B704-0720AF06F150} [2012.05.30 12:14:55 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{CB8C1DA5-7B43-424E-9FEE-B058165C91E1} [2012.05.30 00:06:18 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{6663366B-42BE-4082-A591-F278682CE7C7} [2012.05.30 00:06:03 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{C28535D9-76C5-4BFF-AE14-633B3DEF68E8} [2012.05.29 12:05:50 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{8CAF28A1-50D4-4C2C-9050-C67BF0EE4AC6} [2012.05.29 12:05:35 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{45A17EB6-19A4-47D7-8BC7-63023D158AF9} [2012.05.28 12:31:28 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{923C6588-8827-407F-A97C-10D79FD846A5} [2012.05.28 12:31:13 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{1B8AFD07-9F36-441B-B263-BF00947CA06C} [2012.05.27 12:24:32 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{65D03188-929F-49FA-A199-DE4EB7F79618} [2012.05.27 12:24:20 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{26A04B67-E95C-4360-B9E4-E7F551F9C6AB} [2012.05.26 12:25:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{37A46D26-4CF2-4563-95BA-5D5627DF39D1} [2012.05.26 12:24:53 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{71254047-5AFB-4369-8C09-2A2763451496} [2012.05.25 12:41:00 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{547FA520-826C-47AC-AC04-BADBECAF8BAA} [2012.05.25 12:40:49 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{7C2FCAD4-482F-43DE-BED9-A9C5DF0F2C30} [2012.05.24 18:21:18 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Roaming\Thunderbird [2012.05.24 18:21:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2012.05.24 12:29:59 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{074CC885-6827-478B-B0BD-D0983DF74D68} [2012.05.24 12:29:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{93D0D493-81A8-48FC-8F96-8AA3729514A0} [2012.05.23 12:38:07 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{ABA1D10D-5FEE-42B2-8EF9-0BB550170DA7} [2012.05.23 12:37:51 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{804B10D6-F5A1-4EBC-A746-8B59A99E3F27} [2012.05.22 12:27:17 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012.05.22 12:26:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{EAD37A08-B12E-4A12-9EEE-5F0CAC738230} [2012.05.22 12:26:26 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{D0504D5A-255E-450C-8AF9-563DD07C34B8} [2012.05.21 15:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012.05.21 15:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012.05.21 15:00:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{241D7A01-328E-4953-AA16-82F83B7B7C22} [2012.05.21 15:00:04 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{A819F99E-1AE8-49E5-B920-208DDCBFE782} [2012.05.20 12:28:35 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{9C268E40-8F93-455F-B333-297086905782} [2012.05.20 12:28:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{C2D13A6E-9568-4CFA-B0FD-9538734D8D6A} [2012.05.19 12:31:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{4FAC0DD9-8F88-4277-BFBE-F35C7E0B91CD} [2012.05.19 12:30:57 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{FBB08FA1-1ADA-4F52-A4C3-1FB1A02AF223} [2012.05.18 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{218FC2B2-A21F-4700-A4A9-0337CCE59FF8} [2012.05.18 23:38:12 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{9C823DF8-B28C-4DCB-8C4D-044215788969} [2012.05.18 11:37:59 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{2913348B-CA92-4C8F-876C-5A5C100C39BD} [2012.05.18 11:37:44 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{D5E854C4-8AE5-402E-BC16-643DCD9C937B} [2012.05.17 13:38:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.05.17 13:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012.05.17 13:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012.05.17 13:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2012.05.17 12:36:30 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{7B282815-55EE-4127-A393-1368A7D27A89} [2012.05.17 12:36:13 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{879B8522-2126-448F-A930-F04CBE209CFE} [2012.05.16 13:04:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{18A8DFDD-ADE7-4F9B-996A-0A994567D23B} [2012.05.16 13:04:26 | 000,000,000 | ---D | C] -- C:\Users\Uwe\AppData\Local\{09FEEA3B-83C8-4175-87A1-36DDE5796A85} [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.14 23:09:10 | 000,000,000 | ---- | M] () -- C:\Users\Uwe\defogger_reenable [2012.06.14 23:04:26 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Uwe\Desktop\OTL.exe [2012.06.14 23:02:36 | 000,050,477 | ---- | M] () -- C:\Users\Uwe\Desktop\Defogger.exe [2012.06.14 22:55:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.14 22:29:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.14 22:29:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.14 22:29:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.14 22:29:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.14 22:29:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.14 22:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.14 12:55:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.14 10:05:02 | 000,015,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.14 10:05:02 | 000,015,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.14 09:57:50 | 000,309,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.14 09:57:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.14 09:57:29 | 3219,890,176 | -HS- | M] () -- C:\hiberfil.sys [2012.06.11 12:25:53 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.11 12:25:53 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.05.30 22:32:32 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys [2012.05.18 04:06:48 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.05.18 03:58:39 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.05.18 03:58:15 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.05.18 03:55:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.05.18 03:55:06 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.05.18 03:51:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.05.18 03:47:42 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.05.18 00:35:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.05.18 00:33:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.05.18 00:29:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.05.18 00:29:30 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.05.18 00:25:17 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.05.18 00:20:42 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.14 23:09:10 | 000,000,000 | ---- | C] () -- C:\Users\Uwe\defogger_reenable [2012.06.14 23:02:35 | 000,050,477 | ---- | C] () -- C:\Users\Uwe\Desktop\Defogger.exe [2012.05.24 18:21:15 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.03.08 23:34:13 | 000,122,880 | ---- | C] () -- C:\Windows\rm305.exe [2012.03.08 23:34:13 | 000,000,900 | ---- | C] () -- C:\Windows\rm305.ini [2012.03.08 22:07:15 | 000,000,165 | ---- | C] () -- C:\Windows\Lexstat.ini [2012.03.08 22:07:03 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczserv.dll [2012.03.08 22:07:03 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczusb1.dll [2012.03.08 22:07:03 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczhbn3.dll [2012.03.08 22:07:03 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomc.dll [2012.03.08 22:07:03 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpmui.dll [2012.03.08 22:07:03 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczlmpm.dll [2012.03.08 22:07:03 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcoms.exe [2012.03.08 22:07:03 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcomm.dll [2012.03.08 22:07:03 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxczutil.dll [2012.03.08 22:07:03 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczinpa.dll [2012.03.08 22:07:03 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcziesc.dll [2012.03.08 22:07:03 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczih.exe [2012.03.08 22:07:03 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczcfg.exe [2012.03.08 22:07:03 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXCZinst.dll [2012.03.08 22:07:03 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczppls.exe [2012.03.08 22:07:03 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczprox.dll [2012.03.08 22:07:03 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxczpplc.dll [2012.03.08 21:23:42 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.03.08 21:05:57 | 000,017,408 | ---- | C] () -- C:\Users\Uwe\AppData\Local\WebpageIcons.db [2012.03.08 20:47:51 | 000,200,704 | R--- | C] () -- C:\Windows\SysWow64\HsMgr.exe [2012.03.08 20:47:51 | 000,143,360 | R--- | C] () -- C:\Windows\SysWow64\VmixP6.dll [2012.03.08 20:47:48 | 000,000,353 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl [2012.03.08 20:47:42 | 000,003,518 | R--- | C] () -- C:\Windows\Cmicnfg3.ini.cfg [2012.03.08 20:47:42 | 000,000,538 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi [2012.03.08 20:19:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat < End of report > Code:
ATTFilter OTL Extras logfile created on: 14.06.2012 23:10:43 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Uwe\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 56,43% Memory free
7,99 Gb Paging File | 6,00 Gb Available in Paging File | 75,04% Paging File free
Paging file location(s): h:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 76,91 Gb Free Space | 64,50% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,29 Mb Free Space | 70,29% Space Free | Partition Type: NTFS
Drive E: | 465,66 Gb Total Space | 461,56 Gb Free Space | 99,12% Space Free | Partition Type: NTFS
Drive G: | 111,76 Gb Total Space | 23,54 Gb Free Space | 21,06% Space Free | Partition Type: FAT32
Drive H: | 465,76 Gb Total Space | 412,41 Gb Free Space | 88,55% Space Free | Partition Type: NTFS
Drive I: | 463,87 Gb Total Space | 357,96 Gb Free Space | 77,17% Space Free | Partition Type: NTFS
Drive J: | 463,87 Gb Total Space | 443,80 Gb Free Space | 95,67% Space Free | Partition Type: NTFS
Drive K: | 463,87 Gb Total Space | 463,77 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive L: | 471,41 Gb Total Space | 206,13 Gb Free Space | 43,73% Space Free | Partition Type: NTFS
Drive N: | 7,39 Gb Total Space | 7,34 Gb Free Space | 99,38% Space Free | Partition Type: FAT32
Computer Name: UWESEIN-PC | User Name: Uwe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0735FD7A-E73E-4AF7-9C85-D28BB0BB5D10}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0762B52B-BF7A-4E40-A7C0-C5828D05C95D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{15100D43-A70A-4ED4-B45B-9F2178447859}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19880DE7-005D-4A48-85D5-C3A986B842D7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FA6A3A2-367A-4DE4-9249-6C17A1004BC6}" = rport=139 | protocol=6 | dir=out | app=system |
"{2054430A-7D05-4B38-96F0-BE1030858AB8}" = rport=138 | protocol=17 | dir=out | app=system |
"{2816CAFF-DB87-4D1C-AAAE-BB3D051B5AF2}" = lport=137 | protocol=17 | dir=in | app=system |
"{32233981-58CC-4C79-A8C6-797A31F7537D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3B7F4212-8636-4A39-BE92-ED1BB812ACAD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{547E82D4-0BFA-4E9F-9AEF-D099D94A38FB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{697E008A-AB59-4645-AC19-2BC6DAE2A21D}" = lport=445 | protocol=6 | dir=in | app=system |
"{7447CE14-F240-47AE-80FF-C16F7E3124D1}" = rport=137 | protocol=17 | dir=out | app=system |
"{96112D4D-FCF0-4135-978F-D20168DC2041}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99C5A373-1D1D-416C-B61F-462E2D73923E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9C725D5E-3D65-405B-9FB9-A7D9F02AE3FB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B37D2B40-A6F8-4BB9-99BB-8C08E8CB9249}" = rport=445 | protocol=6 | dir=out | app=system |
"{B561D60C-5B1F-43D6-9AFA-EA4006573F4B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BCC6A485-FF3B-42F0-99CA-953A5594F7AC}" = lport=139 | protocol=6 | dir=in | app=system |
"{C49E2EEE-D2D6-4777-805E-0DADCBEF375B}" = lport=138 | protocol=17 | dir=in | app=system |
"{C83A30A8-AC54-4766-86AC-4673BAA4FCC0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9519961-AA5A-4480-81D0-C21D89E82948}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DCE7865B-8937-4261-82FC-25AC4D9D2CDC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E823FF85-878B-4FC8-858D-6C5F06476FFE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051E464C-5341-485A-ABB8-4F3CE0060519}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B158D3D-7D90-4C9D-9780-1D648B1DFF4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22CEDE06-58C4-4F40-B909-41DE2FD5A5A3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxczpswx.exe |
"{2DDA6B42-06B5-4C68-A0D4-BCDCD2CFF22B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3FABFCC4-C5DA-428F-8A92-BAA98857E611}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{41FC3F8F-51B9-43B1-A27D-062FEC29FF4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4D28B40A-0E99-4E29-9A44-DED9A3CB5F20}" = protocol=6 | dir=out | app=system |
"{5622CD2B-A849-4335-8074-B3E60CA79E8D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{60145433-AB59-41A5-BB63-A318391990F4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{6142164E-B4E4-4172-8F61-98A39105C3A4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{64320D1E-0FFB-45FD-A5D5-6DB1D703BC9A}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxczcoms.exe |
"{64B66718-C837-488A-9412-BBE64DA4EB7A}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxczcoms.exe |
"{6688D856-46BA-41FE-8DA6-F00EF9359909}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{681DD46E-23D1-4104-AA8D-9C4908E2FB1B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68F91DA5-042C-4612-B4BD-002CC268A123}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxczpswx.exe |
"{6F51C476-5176-4A43-9ECA-57C95D3C33CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72294A48-8299-4FA3-AB1E-F36EF732D330}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{74E8A23C-94CE-411B-ABBC-5E9CD89C200B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8713D04A-4E0E-42BD-A9AE-B693F7A26030}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{9C27DA03-9307-46FF-9B35-9CF50FC7202C}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{BE71047C-062F-4429-9447-7070F26BEA14}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C74BCE0B-686D-4CA2-93B2-EF9D7C8BB6FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC54E51B-50FB-4FAF-AD88-FEB147BA975D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CDD89D84-64AE-43A9-A70E-E2BE55A41459}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E145ECD0-BF54-4996-9B41-53CE3FD67101}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E29C5CA2-0C99-4F95-A5E0-03F9E350116F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E4490262-809B-44BE-A069-926FF6083927}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F07BCD93-D488-42F5-A923-08D441577352}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3F87603-1D48-4AA0-A873-D368BE4872EB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{F69C7CCB-4CE4-412B-8FEF-0E64092A5CE2}" = protocol=17 | dir=in | app=c:\windows\system32\lxczcoms.exe |
"{FB6A073C-A683-41A7-8E8F-B245D5E0D893}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{FC69604E-2592-4A48-A1D7-2F7B16166E97}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FD9E5D01-4803-4A63-8668-0B8BC2104548}" = protocol=6 | dir=in | app=c:\windows\system32\lxczcoms.exe |
"{FFE699CA-ECD3-45AC-8022-3BC648C79063}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0CC4F67D-D41D-8C1A-C605-39154DDEAC63}" = AMD Fuel
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{251481E4-723F-492F-F5C1-3424FB2EF44E}" = AMD Drag and Drop Transcoding
"{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media PCI Audio Driver" = Theatron Agrippa
"Defraggler" = Defraggler
"Lexmark 1200 Series" = Lexmark 1200 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011E92F1-AF76-4983-8707-79F8F1956439}" = Nero Prerequisite Installer 1.0
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0F022A2E-7022-497D-90A5-0F46746D8275}" = Macromedia Extension Manager
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{31832C70-2FA4-4C99-BA99-94A5EF7A1184}" = PDF Suite 2010
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1
"{44025BD7-AD10-4769-99AE-6378FD0303D6}" = Macromedia Dreamweaver 8
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}" = Macromedia Fireworks 8
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5870DF31-7BF8-4635-B708-7695CBCD5D48}" = DesignCAD 20
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71c64b8b-67a6-4d9a-8f60-56a148bf46ee}" = Nero MediaHome 4
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8292F88E-2DB7-456B-A8F1-9079B7432A1E}" = DVD Architect Studio 5.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{9FC86590-AC98-4845-80D4-3EB37B51947B}" = Nero 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0305}" = USB PC Camera VC305
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{BF420B0C-DD5B-4ACD-AD7A-CB8F25CA0D2F}" = Duden-Rechtschreibprüfung
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D544AE4C-4152-225B-A897-6756C8986B14}" = AMD VISION Engine Control Center
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{E97C937C-AE21-453D-86A0-A231507543D1}" = ACID Music Studio 8.0
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"FileHippo.com" = FileHippo.com Update Checker
"FileZilla Client" = FileZilla Client 3.5.3
"Free DVD Video Converter_is1" = Free DVD Video Converter version 2.0.2.221
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.17.221
"HijackThis" = HijackThis 2.0.2
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 10.0.5 (x86 de)" = Mozilla Firefox 10.0.5 (x86 de)
"Mozilla Thunderbird 13.0 (x86 de)" = Mozilla Thunderbird 13.0 (x86 de)
"MS-Buchhalter Start" = MS-Buchhalter Start 3.0
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"OpenAL" = OpenAL
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"TeamViewer 7" = TeamViewer 7
"TrueCrypt" = TrueCrypt
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.06.2012 04:11:57 | Computer Name = Uwesein-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.06.2012 04:12:06 | Computer Name = Uwesein-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.06.2012 04:13:42 | Computer Name = Uwesein-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.06.2012 04:14:35 | Computer Name = Uwesein-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 14.06.2012 04:23:34 | Computer Name = Uwesein-PC | Source = SideBySide | ID = 16842761
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Duden\Duden-Rechtschreibprüfung\adxloader.dll.Manifest". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\adxloader.dll.Manifest"
in Zeile 2. Das Stammelement der Manifestdatei muss assembliert sein.
Error - 14.06.2012 04:25:06 | Computer Name = Uwesein-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files (x86)\mozbackup\dll\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 14.06.2012 08:27:04 | Computer Name = Uwesein-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 10.0.5.4534,
Zeitstempel: 0x4fc84ad9 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x61e59903 ID des fehlerhaften Prozesses: 0x3b8 Startzeit der fehlerhaften Anwendung:
0x01cd4a28e9fa1c0b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Pfad des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll Berichtskennung:
3f6c241c-b61c-11e1-8758-00252206585a
Error - 14.06.2012 12:30:02 | Computer Name = Uwesein-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 10.0.5.4534,
Zeitstempel: 0x4fc84ad9 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x633e2fe6 ID des fehlerhaften Prozesses: 0x16e4 Startzeit der fehlerhaften Anwendung:
0x01cd4a4abf739943 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Pfad des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll Berichtskennung:
309b53f6-b63e-11e1-8758-00252206585a
Error - 14.06.2012 12:30:57 | Computer Name = Uwesein-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 10.0.5.4534,
Zeitstempel: 0x4fc84ad9 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x61e59903 ID des fehlerhaften Prozesses: 0x1b10 Startzeit der fehlerhaften Anwendung:
0x01cd4a4aff18d38b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Pfad des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll Berichtskennung:
50f8d215-b63e-11e1-8758-00252206585a
Error - 14.06.2012 16:54:19 | Computer Name = Uwesein-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 10.0.5.4534,
Zeitstempel: 0x4fc84ad9 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x61cc9903 ID des fehlerhaften Prozesses: 0xc60 Startzeit der fehlerhaften Anwendung:
0x01cd4a6fc2065d8d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Pfad des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll Berichtskennung:
1bf546c7-b663-11e1-8758-00252206585a
[ System Events ]
Error - 13.06.2012 18:35:40 | Computer Name = Uwesein-PC | Source = DCOM | ID = 10016
Description =
Error - 14.06.2012 03:57:28 | Computer Name = Uwesein-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 14.06.2012 03:58:16 | Computer Name = Uwesein-PC | Source = DCOM | ID = 10016
Description =
Error - 14.06.2012 03:58:18 | Computer Name = Uwesein-PC | Source = DCOM | ID = 10016
Description =
Error - 14.06.2012 03:58:18 | Computer Name = Uwesein-PC | Source = DCOM | ID = 10016
Description =
Error - 14.06.2012 03:58:34 | Computer Name = Uwesein-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%2
Error - 14.06.2012 04:40:35 | Computer Name = Uwesein-PC | Source = DCOM | ID = 10016
Description =
Error - 14.06.2012 16:27:13 | Computer Name = Uwesein-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error - 14.06.2012 16:27:14 | Computer Name = Uwesein-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error - 14.06.2012 16:27:15 | Computer Name = Uwesein-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
< End of report >
__________________ Con saludos Uwe |
| Themen zu Firefox bereitet Probleme, Malware vermutet |
| aufrufe, avp.exe, bho, error, excel, fehler, firefox, flash player, frage, helper, hijack, install.exe, kaspersky, langs, logfile, malware, mp3, plug-in, prozessor, realtek, registry, richtlinie, rundll, scan, searchscopes, secunia psi, security, software, svchost.exe, tastatur, updates, version=1.0, windows |
Baum-Darstellung