Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 16.07.2012, 09:51   #1
Th0mas
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Problem: Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk



Hallo zusammen,

ich hoffe Ihr könnt mir helfen. Ich kann meinen Laptop zwar starten, aber sobald sich Windows hochgefahren hatvgehts schon los mit den Fehlermeldungen und es geht nichts mehr. Ich kann keine Datei ausführen, da immer verschiedene Fehlermeldungen auftauchen.

Sry, dass ich hier alle Ergebnisse der Scans reinkopiere. Aber ich kann aus unerklärlichen Gründen keine Datei hochladen.


Hier die Ergebisse des Scans:

OTL.txt :OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 16.07.2012 09:42:32 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Thomas\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 76,42% Memory free
6,01 Gb Paging File | 5,58 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,70 Gb Total Space | 19,44 Gb Free Space | 13,08% Space Free | Partition Type: NTFS
Drive D: | 137,38 Gb Total Space | 20,81 Gb Free Space | 15,15% Space Free | Partition Type: NTFS
 
Computer Name: THOMAS | User Name: Thomas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.16 09:36:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Downloads\OTL.exe
PRC - [2012.07.16 09:28:10 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.16 09:28:10 | 002,042,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2009.12.12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- C:\Windows\system32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2012.07.16 09:28:10 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.12.01 21:55:08 | 000,069,632 | ---- | M] () [Auto | Stopped] -- C:\Programme\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2011.09.22 20:43:28 | 000,645,048 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.09.08 17:45:10 | 001,034,752 | ---- | M] () [Auto | Stopped] -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010.09.08 17:44:50 | 000,484,352 | ---- | M] () [Auto | Stopped] -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010.09.08 17:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Stopped] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.05.15 22:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.05.14 23:03:30 | 000,305,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.04.10 12:11:20 | 000,117,256 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Programme\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009.04.01 21:06:02 | 000,054,528 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.02.11 17:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.02.05 08:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008.10.28 18:05:58 | 000,251,248 | ---- | M] (SAP AG) [Auto | Stopped] -- C:\Programme\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe -- (NWSAPAutoWorkstationUpdateSvc)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.24 06:59:20 | 000,068,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2007.08.24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.02.27 01:15:05 | 000,062,528 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LMFD1286.sys -- (LMGXII)
DRV - [2012.01.22 19:47:40 | 000,031,344 | ---- | M] (Connectify) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cnnctfy2.sys -- (cnnctfy2MP)
DRV - [2012.01.22 19:47:40 | 000,031,344 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV - [2011.09.22 20:29:18 | 000,019,192 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.01 20:48:44 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.06.29 18:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.06.29 18:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.04.27 10:16:06 | 000,050,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2009.04.09 14:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.02.13 19:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008.12.04 20:25:38 | 000,112,640 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008.12.04 18:34:34 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008.12.04 18:34:34 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008.12.04 18:34:34 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008.11.17 01:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.01.21 04:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_3810t
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_3810t
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_3810t
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE343DE343
IE - HKCU\..\SearchScopes\{E681EB3E-AA54-4FFB-BF0A-77B1C82A9D92}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {B922D405-6D13-4A2B-AE89-08A030DA4402}:1.1.1
FF - prefs.js..extensions.enabledItems: search@searchsettings.com:1.2.2
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.25 05:05:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.25 05:05:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.15 19:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.16 09:28:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.16 11:32:20 | 000,000,000 | ---D | M]
 
[2009.09.05 20:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions
[2012.06.25 22:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\vhoi2bx0.default\extensions
[2012.03.06 10:15:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.30 17:49:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2009.10.21 19:53:03 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Programme\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2009.10.21 19:53:03 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Programme\Mozilla Firefox\extensions\search@searchsettings.com
[2012.07.16 09:28:11 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.22 10:42:45 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.05.14 20:07:24 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.14 20:07:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.05.14 20:07:24 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.14 20:07:24 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.14 20:07:24 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.14 20:07:24 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.215\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.215\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\8.0.552.215\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.2 (Enabled) = C:\Users\Thomas\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Connectify] C:\Programme\Connectify\Connectify.exe (Connectify)
O4 - HKCU..\Run: [WindowsWelcomeCenter] File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk = C:\Programme\Stickies\stickies.exe (Zhorn Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F32A5A58-E48E-4D46-A9DD-948EE98CEC02}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4ca3e32c-e421-11de-8a8c-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{4ca3e32c-e421-11de-8a8c-001e33223640}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{8183466d-0a2c-11e1-b2e4-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{8183466d-0a2c-11e1-b2e4-001e33223640}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{8741448a-1ccf-11e0-9ba1-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{8741448a-1ccf-11e0-9ba1-001e33223640}\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O33 - MountPoints2\{992a9dc5-08a8-11e1-b440-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{992a9dc5-08a8-11e1-b440-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bca0611d-78a5-11df-82bd-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{bca0611d-78a5-11df-82bd-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bca06123-78a5-11df-82bd-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{bca06123-78a5-11df-82bd-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c8e087bb-78ba-11df-8197-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{c8e087bb-78ba-11df-8197-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebce8d46-096e-11e1-8bec-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{ebce8d46-096e-11e1-8bec-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebce8d57-096e-11e1-8bec-ad2090d7a183}\Shell - "" = AutoRun
O33 - MountPoints2\{ebce8d57-096e-11e1-8bec-ad2090d7a183}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f5c2dd58-5d05-11df-b2e1-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{f5c2dd58-5d05-11df-b2e1-001e33223640}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f5c2dd5e-5d05-11df-b2e1-001e33223640}\Shell - "" = AutoRun
O33 - MountPoints2\{f5c2dd5e-5d05-11df-b2e1-001e33223640}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.15 22:25:45 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012.07.15 19:56:42 | 000,353,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.07.15 19:56:42 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.07.15 19:56:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.07.15 19:56:41 | 000,721,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.07.15 19:56:41 | 000,057,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.07.15 19:56:41 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.07.15 19:56:41 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.07.15 19:56:18 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.07.15 19:56:18 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.15 19:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.07.15 19:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.07.03 22:52:55 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Avira
[2012.07.03 22:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.03 22:51:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.07.03 22:51:52 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.07.03 22:51:52 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.07.03 22:51:52 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.07.03 22:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.07.03 22:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.06.28 09:51:36 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\Rüschi
[2012.06.28 09:48:37 | 000,000,000 | ---D | C] -- C:\Applikationen
[2012.06.23 15:27:10 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\MercedesBenzMixedTape44
[2009.10.22 21:06:15 | 003,125,248 | ---- | C] (SAP Technology,Inc) -- C:\Program Files\Common Files\sapxlhelper.dll
[2009.10.22 21:06:14 | 000,626,688 | ---- | C] (SAP AG) -- C:\Program Files\Common Files\sapconsaccess.dll
[2009.10.22 21:06:14 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Program Files\Common Files\sapconsr3.dll
[2009.10.22 21:06:13 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Program Files\Common Files\DigitalSignature.ocx
[2 C:\Users\Thomas\Desktop\*.tmp files -> C:\Users\Thomas\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.16 09:42:23 | 000,001,356 | ---- | M] () -- C:\Users\Thomas\AppData\Local\d3d9caps.dat
[2012.07.16 09:31:28 | 000,000,176 | ---- | M] () -- C:\Users\Thomas\defogger_reenable
[2012.07.16 09:26:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.16 09:23:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.16 09:23:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.15 19:56:42 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.07.15 19:56:41 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.07.15 19:56:41 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.06.30 14:45:29 | 000,346,345 | ---- | M] () -- C:\Users\Thomas\Desktop\Entwurf Deutscher Rechnungslegungs Standard E-DRS 3 Segmentberichterstattung.pdf
[2012.06.28 10:22:36 | 000,004,879 | ---- | M] () -- C:\Users\Thomas\Desktop\Rückenschild -(1 Kopie-).pdf
[2 C:\Users\Thomas\Desktop\*.tmp files -> C:\Users\Thomas\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.16 09:30:45 | 000,000,176 | ---- | C] () -- C:\Users\Thomas\defogger_reenable
[2012.07.15 19:56:42 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.07.15 19:56:41 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012.06.30 14:45:28 | 000,346,345 | ---- | C] () -- C:\Users\Thomas\Desktop\Entwurf Deutscher Rechnungslegungs Standard E-DRS 3 Segmentberichterstattung.pdf
[2012.06.28 10:22:35 | 000,004,879 | ---- | C] () -- C:\Users\Thomas\Desktop\Rückenschild -(1 Kopie-).pdf
[2012.04.06 16:13:44 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2012.04.06 16:13:30 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2012.04.06 16:13:30 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.01.22 14:16:41 | 000,000,340 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.29 11:51:48 | 000,296,879 | ---- | C] () -- C:\Users\Thomas\AppData\Local\census.cache
[2011.09.29 11:50:16 | 000,204,918 | ---- | C] () -- C:\Users\Thomas\AppData\Local\ars.cache
[2011.09.29 11:37:52 | 000,000,036 | ---- | C] () -- C:\Users\Thomas\AppData\Local\housecall.guid.cache
[2011.08.08 09:40:40 | 000,004,096 | -H-- | C] () -- C:\Users\Thomas\AppData\Local\keyfile3.drm
[2011.05.17 19:53:50 | 000,036,363 | ---- | C] () -- C:\Windows\CSTBox.INI
[2010.08.26 02:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.26 02:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.26 02:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.26 01:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010.08.26 01:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.26 01:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010.08.26 01:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010.05.17 16:38:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.16 12:27:13 | 000,000,402 | -H-- | C] () -- C:\Users\Thomas\BackupManager.list
[2009.10.23 21:11:26 | 000,000,094 | ---- | C] () -- C:\Users\Thomas\AppData\Local\fusioncache.dat
[2009.10.23 15:41:50 | 000,002,124 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\wklnhst.dat
[2009.10.08 14:01:33 | 000,001,356 | ---- | C] () -- C:\Users\Thomas\AppData\Local\d3d9caps.dat
[2009.09.01 13:49:49 | 000,065,536 | ---- | C] () -- C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2009.09.02 22:00:59 | 000,000,000 | -HSD | M] -- C:\Users\Thomas\AppData\Roaming\.#
[2009.10.28 17:51:46 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Acer
[2009.06.11 13:58:57 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Acer GameZone Console
[2011.11.07 00:18:11 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Bytemobile
[2010.02.01 20:53:37 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DAEMON Tools Lite
[2012.07.02 20:38:14 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Dropbox
[2011.07.02 20:39:59 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\ICQ
[2010.05.09 10:45:49 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\IrfanView
[2009.11.13 19:42:45 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Langenscheidt
[2012.03.24 21:40:17 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\SmartTools
[2012.07.02 20:29:05 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\stickies
[2009.10.23 21:11:26 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Strokes 4.0
[2010.05.30 12:23:02 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Template
[2010.05.11 19:36:26 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Vodafone
[2012.07.15 19:56:41 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2012.07.16 09:23:52 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:BB24555F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8750DCE4
 
< End of report >
         
--- --- ---






und hier extras.Txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 16.07.2012 09:42:32 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Thomas\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 76,42% Memory free
6,01 Gb Paging File | 5,58 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,70 Gb Total Space | 19,44 Gb Free Space | 13,08% Space Free | Partition Type: NTFS
Drive D: | 137,38 Gb Total Space | 20,81 Gb Free Space | 15,15% Space Free | Partition Type: NTFS
 
Computer Name: THOMAS | User Name: Thomas | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1569539278-354797854-28064153-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01155269-5542-47BD-8083-EBC7EF9A1A49}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{17A5046E-0348-4ECB-B9C7-A145E3E43B89}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{2748174B-1CE5-41D8-A95A-6B64DC8C94F9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{29475002-469E-4825-88FB-9D88C28C5E66}" = lport=1303 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{41379CBA-B512-4C6E-8F4C-C790EF700A12}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{449E66EF-0109-402F-A820-5DE12B7D2530}" = rport=445 | protocol=6 | dir=out | app=system | 
"{471DF287-4997-406A-AAD8-6312F104D99D}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{4A4A9914-1D48-49FE-B8A1-BE465A8EFCB0}" = lport=137 | protocol=17 | dir=in | app=system | 
"{4AB50208-EDB4-4397-B234-E4774E9BC55F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5244294E-C07C-467C-99FE-7521CB8442B7}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | 
"{52D94891-DCF3-441D-AAF3-177AB938E2D3}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{53A992DC-A1DA-4328-A871-F8BC05212D2E}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{561BD2D6-6091-48C8-8839-821F801D7E80}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | 
"{5D10D603-9869-49D2-9031-33DA47C2EF46}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5E824658-AAB9-4838-9F8F-BA3A13D69DE7}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{5EDE1DC6-A8BB-42CE-A529-5B531F00B0B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{620751DA-7344-4E63-AF9D-48976400F3D2}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{670FF4FC-B338-45A0-9A41-6EC5111742C6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{68A4E788-9103-4782-8F65-6A99B19D0964}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{79B4D0CF-6E6D-4FDD-8387-527833478E4B}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{8041FC2F-56F8-4781-8DE5-F8574AB9439E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8733DE30-B548-4699-86B1-9FB8A96D5A10}" = lport=139 | protocol=6 | dir=in | app=system | 
"{8B60BD4B-25EC-46CF-B018-45FC6910B4A4}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{8F9345B9-B1B6-4475-88CA-C78FC3603167}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{8FBCFA9A-A542-48F2-8BFF-6F0CC59809AA}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9AC223B8-D473-4C65-A83B-8E3201455D06}" = lport=138 | protocol=17 | dir=in | app=system | 
"{AE273DB4-743F-4FE0-82EA-146FE0F1E647}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B01964E9-2F5A-4CAD-BF12-182F6D715315}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{B194963C-658D-477B-966E-1730B9178FE9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B1EB83C5-5F52-4B47-BB67-10214A3118DA}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{B6C36514-B57F-44C7-B821-D23AE622BB87}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{BB679BD7-6353-4C55-A530-86B29AF4593D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C58BA50B-BC84-41BC-AC8B-5A136C5E13D0}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{C9C99B41-044F-42F8-A1EC-52EE9863E485}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C9F43F2F-E5AD-4921-99EA-CCB111AEF908}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D412B915-865B-4BC5-B233-89212C47B363}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{D6CDBD87-48C8-4D69-82DD-4B8E80711A1E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{DA1B526A-2F11-4716-B1F7-C04262645428}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{DE27FAB4-D748-4379-9D85-9F582AF9DE49}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F2243C00-0645-449C-B0D7-9F62CADAB864}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{FFB03747-862A-45A1-A633-7191FF82F6A1}" = lport=1317 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06DD55CD-754C-4333-A322-14E13B5E6350}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | 
"{0890DEE7-F9C3-4D00-8EA7-3ABA8FD9855F}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | 
"{167F9745-B1F3-416B-BB42-F94A7FA2143D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1700BA54-F98B-425F-A50B-D34DEAEC432E}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{1753EEB3-4CE8-446D-9098-BE93B6D12FD3}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | 
"{1D87D1C0-F7A0-4BDF-9161-B8A8C0D9D8A0}" = dir=out | app=c:\windows\system32\svchost.exe | 
"{27B7B214-3569-4A56-9C63-8FD80B783A20}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | 
"{2B8290CD-754B-40ED-8180-FF7EA3C2829C}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{3A8858E9-67EA-45C6-A221-CD0FA54EF3CD}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | 
"{48AE3D51-A0BB-426D-B430-A8BF6E87A165}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{4FBACE3B-233D-4AF4-9154-731F70C2CE1F}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{5FEA26ED-A9FF-4BDC-B3F8-3ABA26DA89E6}" = protocol=17 | dir=in | app=c:\windows\system32\lxczcoms.exe | 
"{74914D7E-1B32-4F44-ABBC-87B045B7A41D}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{7496DCAE-13E8-4C70-BEAD-4E59F4E196FE}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{7697B237-EA0E-40C5-888F-9AE5D08EB2BC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{77711B78-A2BB-432B-B211-490CC82624B1}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | 
"{78080800-D7E1-4707-BB6D-F94BE873EBCC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{78B8DA0F-F93B-4376-A7CA-7228AA46C27A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A52C1A9-21B6-4F1C-8CD7-8C0E43206F69}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{8ABCB2AC-64F1-48DE-97DA-756B82DAFB40}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{8FEAE0B8-364D-42E8-B47E-CB06328C1F07}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe | 
"{8FFC5F85-FFA1-406E-BCDC-CED29FC8BD9A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{96079D3E-7B20-491E-9B8E-CE01894C85F0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A77CE145-8B52-40E8-9488-400E79C4FE9D}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{A7B07D59-9D39-4D8E-9C51-C9831E26EB33}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{ACEC62BF-B8FE-47FF-BBCC-52BC1E012142}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{B1D2BBD9-D35A-47CB-980B-0FCE388EB580}" = protocol=17 | dir=in | app=c:\users\thomas\downloads\mflpro\data\disk1\setup.exe | 
"{B4B69A81-414A-4ECD-B097-6DB1B3BB256E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B651E4C9-3FCC-486F-814E-B7973F37B32B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{C1BA64EA-93D0-4276-97F6-62813A182429}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{C4FEB5F7-36DE-4A2E-8F7E-96A08CB96704}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CF2B78F7-75D8-4B18-A9FC-DC677FAC6C78}" = dir=out | app=c:\windows\system32\svchost.exe | 
"{D5A120F2-E7B1-416D-B54F-E5441907DDE4}" = protocol=6 | dir=in | app=c:\windows\system32\lxczcoms.exe | 
"{E48DF278-A492-4AC6-BA77-31E2206B95EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{E8F2F82B-FB48-42E1-A953-F94D9E520DEB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{EDED9871-B34B-46A5-9C2D-C0FA1A7434CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F86DCA78-BE32-4F34-A407-29278D433483}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{FAF9167E-7D36-472D-ADF7-CDCA699DA2D3}" = protocol=6 | dir=in | app=c:\users\thomas\downloads\mflpro\data\disk1\setup.exe | 
"{FDB81B03-0FC0-4E7D-8809-88F2315C8CA7}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{FF72930B-B75E-439F-B3D1-57391E9D44BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"TCP Query User{39C73A0C-2B4E-4B92-B169-D9EF22E39D1B}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{814A4377-79EC-40E4-898A-277458F29D76}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{9DFDECD2-F51B-4E8C-AE0D-073449AEA67D}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{C04123DC-A4A1-4B70-9827-76CD900254DD}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{ED378066-CEF4-4A4D-BE8B-D9CD79728C92}C:\program files\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{F58352CC-7B62-4CA6-A139-73557B8DBCBC}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{FA73289D-9D0E-467A-8A26-CB655F74E427}C:\program files\gretech\gomplayer\gom.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe | 
"UDP Query User{0734BACB-A599-42AE-99B6-A55BDA4511AE}C:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{5237B1E0-7506-48E3-8AC1-D5C84995A26B}C:\program files\gretech\gomplayer\gom.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomplayer\gom.exe | 
"UDP Query User{67B884BD-6BEA-4774-8730-C8F7247E2F5A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{B012D8A6-54D1-40FE-A798-DEAA2DFDF82C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{C46F81F3-533F-46C6-BB3B-BC3181C1E51B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{E1144F05-DA5C-4A7E-96E1-332B0C006A83}C:\program files\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"UDP Query User{FC100D4B-1C13-4539-B070-EB71B87D328B}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java(TM) 7 Update 1
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1.1
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = MFL-Pro Suite
"{7240A69A-AC53-46A1-9039-1281DDBBE452}" = Cisco AnyConnect VPN Client
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98D451C4-4ACA-4273-BB47-57CFE46B048E}" = WD SmartWare
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.85.525
"{D6FBA785-DF2D-48C5-B238-40ABBD8EB780}" = Langenscheidt Vokabeltrainer 4.0 Englisch
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{DF71EB8A-6E59-4249-BCB8-38EC406E4353}" = CIB pdf brewer
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner (remove only)
"Connectify" = Connectify
"DivX Setup.divx.com" = DivX-Setup
"ElsterFormular 2007 - 2008 NE 2007-2008" = ElsterFormular 2007 - 2008 NE
"ElsterFormular 2008 - 2009 2008-2009" = ElsterFormular 2008 - 2009
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript" = GPL Ghostscript
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Hidden and Dangerous Deluxe" = Hidden and Dangerous Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2000 PivotTable Services" = Microsoft SQL Server 2000 PivotTable Services
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"PDF-XChange PDF Viewer_is1" = PDF-XChange PDF Viewer
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SAP_WUS" = SAPSetup Automatic Workstation Update Service
"SAPBI" = SAP Business Explorer
"SAPGUI710" = SAP GUI 7.10
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"ZhornStickies" = Stickies 7.1d
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.07.2012 03:21:11 | Computer Name = Thomas | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.07.2012 03:27:33 | Computer Name = Thomas | Source = EventSystem | ID = 4609
Description = 
 
Error - 16.07.2012 03:28:03 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:04 | Computer Name = Thomas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 16.07.2012 03:28:29 | Computer Name = Thomas | Source = WinMgmt | ID = 10
Description = 
 
[ Cisco AnyConnect VPN Client Events ]
Error - 16.07.2012 03:07:40 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: CDNSRequest::OnSocketReadComplete File: .\IP\DNSRequest.cpp
Line:
1069 Invoked Function: CDNSRequest::processResponse Return Code: -29229043 (0xFE42000D)
Description:
DNSREQUEST_ERROR_NO_SUCH_NAME Failed to resolve 162.62.197.193.in-addr.arpa via 
DNS server 192.168.178.1
 
Error - 16.07.2012 03:12:05 | Computer Name = Thomas | Source = vpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.
 
Error - 16.07.2012 03:12:05 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
 
Error - 16.07.2012 03:14:24 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
 
Error - 16.07.2012 03:14:24 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: CDNSRequest::OnSocketReadComplete File: .\IP\DNSRequest.cpp
Line:
1069 Invoked Function: CDNSRequest::processResponse Return Code: -29229043 (0xFE42000D)
Description:
DNSREQUEST_ERROR_NO_SUCH_NAME Failed to resolve 162.62.197.193.in-addr.arpa via 
DNS server 192.168.178.1
 
Error - 16.07.2012 03:20:33 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
 
Error - 16.07.2012 03:20:34 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: CDNSRequest::OnSocketReadComplete File: .\IP\DNSRequest.cpp
Line:
1069 Invoked Function: CDNSRequest::processResponse Return Code: -29229043 (0xFE42000D)
Description:
DNSREQUEST_ERROR_NO_SUCH_NAME Failed to resolve 162.62.197.193.in-addr.arpa via 
DNS server 192.168.178.1
 
Error - 16.07.2012 03:21:50 | Computer Name = Thomas | Source = vpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.
 
Error - 16.07.2012 03:21:50 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
 
Error - 16.07.2012 03:23:47 | Computer Name = Thomas | Source = vpnagent | ID = 67108866
Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function:
_tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei
nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw
Error:
No such file or directory
 
[ OSession Events ]
Error - 30.11.2010 00:10:57 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2323
seconds with 0 seconds of active time. This session ended with a crash.
 
Error - 26.10.2011 12:31:18 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 17199
seconds with 180 seconds of active time. This session ended with a crash.
 
Error - 05.12.2011 13:12:09 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 66
seconds with 0 seconds of active time. This session ended with a crash.
 
Error - 10.01.2012 16:20:28 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 157
seconds with 60 seconds of active time. This session ended with a crash.
 
Error - 20.02.2012 14:45:09 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 980
seconds with 120 seconds of active time. This session ended with a crash.
 
Error - 20.03.2012 12:17:10 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 40 seconds with 0 seconds of active time. This session ended with a crash.
 
Error - 12.04.2012 11:38:06 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1497
seconds with 1260 seconds of active time. This session ended with a crash.
 
Error - 07.06.2012 12:39:21 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 12354
seconds with 540 seconds of active time. This session ended with a crash.
 
Error - 12.06.2012 09:58:21 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 937 seconds with 540 seconds of active time. This session ended with a crash.
 
Error - 12.06.2012 09:58:40 | Computer Name = Thomas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session 
lasted 12 seconds with 0 seconds of active time. This session ended with a crash.
 
[ System Events ]
Error - 16.07.2012 03:21:31 | Computer Name = Thomas | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 16.07.2012 03:21:31 | Computer Name = Thomas | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 16.07.2012 03:26:31 | Computer Name = Thomas | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
 
Error - 16.07.2012 03:27:26 | Computer Name = Thomas | Source = DCOM | ID = 10005
Description = 
 
Error - 16.07.2012 03:27:33 | Computer Name = Thomas | Source = DCOM | ID = 10005
Description = 
 
Error - 16.07.2012 03:27:34 | Computer Name = Thomas | Source = DCOM | ID = 10005
Description = 
 
Error - 16.07.2012 03:28:24 | Computer Name = Thomas | Source = DCOM | ID = 10005
Description = 
 
Error - 16.07.2012 03:28:29 | Computer Name = Thomas | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 16.07.2012 03:28:29 | Computer Name = Thomas | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 16.07.2012 03:29:07 | Computer Name = Thomas | Source = Service Control Manager | ID = 7001
Description = 
 
 
< End of report >
         
--- --- ---




GMer.txt:

GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-16 10:44:12
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD32 rev.11.0
Running: gmer.exe; Driver: C:\Users\Thomas\AppData\Local\Temp\kxtdipoc.sys
 
 
---- User code sections - GMER 1.0.15 ----
 
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[152] USER32.dll!GetWindowInfo 763D428E 5 Bytes JMP 6BD3AEF3 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[152] USER32.dll!TrackPopupMenu 763E14F3 5 Bytes JMP 6BD3B50D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1656] ntdll.dll!LdrLoadDll 77539378 5 Bytes JMP 6BBBFA35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1656] kernel32.dll!MapViewOfFile 776A6B10 5 Bytes JMP 6BE6079E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1656] kernel32.dll!VirtualAlloc 776AAF75 5 Bytes JMP 6BE607C5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1656] GDI32.dll!CreateDIBSection 75E37461 5 Bytes JMP 6BE60728 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Windows\Explorer.EXE[1696] SHELL32.dll!SHGetFolderPathAndSubDirW + 81C5 7660B37C 4 Bytes [20, 28, 85, 00] {AND [EAX], CH; TEST [EAX], EAX}
 
---- User IAT/EAT - GMER 1.0.15 ----
 
IAT C:\Windows\Explorer.EXE[1696] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [00852A00] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
IAT C:\Windows\Explorer.EXE[1696] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibraryAndExitThread] [00851E00] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
IAT C:\Windows\Explorer.EXE[1696] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00852D50] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
IAT C:\Windows\Explorer.EXE[1696] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [008511D0] C:\Program Files\EgisTec\MyWinLocker 3\x86\psdprotect.dll (PSD DragDrop Protection/Egis Technology Inc.)
 
---- Devices - GMER 1.0.15 ----
 
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp AswRdr.SYS (avast! TDI Redirect Driver/AVAST Software)
 
---- Registry - GMER 1.0.15 ----
 
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xF1 0xBB 0x48 0xB0 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xF4 0x95 0x53 0xD9 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x12 0x70 0xA6 0x41 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x67 0xE0 0xDC ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xF4 0x95 0x53 0xD9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x12 0x70 0xA6 0x41 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x67 0xE0 0xDC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xF4 0x95 0x53 0xD9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x12 0x70 0xA6 0x41 ...
 
---- EOF - GMER 1.0.15 ----
         
--- --- ---




VIELEN DANK IM VORAUS FÜR EURE HILFE!!

Alt 16.07.2012, 10:35   #2
KhaosKatze
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk Anleitung / Hilfe



Hallo!

Ohne mir jetzt die Scans anzusehen,
Zitat:
aber sobald sich Windows hochgefahren hatvgehts schon los mit den Fehlermeldungen und es geht nichts mehr. Ich kann keine Datei ausführen, da immer verschiedene Fehlermeldungen auftauchen.
Kannst Du Beispiele für diese Fehlermeldungen geben?

Zitat:
sobald sich Windows hochgefahren hatvgehts schon los mit den Fehlermeldungen
Es fährt also problemlos hoch? Die Fehler beginnen erst, wenn Win komplett hochgefahren ist?
__________________

__________________

Alt 16.07.2012, 12:14   #3
Th0mas
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk Details



Danke für die schnelle Rückmeldung.


Windows fährt normal hoch, aber dann kommen direkt folgende Fehlermeldungen:

- MSASCui.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- IAAnotif.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- RtHDVCpl.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- LManager. exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

-SynTPEnh.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

-stickies.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- AvastUI.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- WDDMStatus. exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

-ePowerTray.exe - Fehler in Anmeldung
Die Anwendung konnte nicht richtig initialisiert werden (0xc00000022).

- GfxUI.exe - Fehler in Anmeldung
Auf das angegebene Gerät, bzw. Pfad oder die Datei kann nicht zugegriffen werden. Sie verfügen eventuell nicht über ausreichende Berechtigungen, um auf das Element zugreifen zu können.

zum Schluß kommt dann noch ERROR 7 von meinem ITunesHelper.


Achja, ich kann den Laptop seit dem Virenbefall auch nur noch mit Stromkabel laufen lassen, der Akku geht nicht mehr.

Wie ihr seht ist hier eine Menge los. Danke für eure Unterstützung!
__________________

Alt 16.07.2012, 13:13   #4
KhaosKatze
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Lösung: Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk



Zitat:
Achja, ich kann den Laptop seit dem Virenbefall auch nur noch mit Stromkabel laufen lassen, der Akku geht nicht mehr.
Das wäre jetzt meine nächste Frage gewesen, nämlich ob es einen Befall in der letzten Zeit gab, denn das sieht, für mich, derzeit so aus.
Ok, was hattest Du Dir denn eingefangen und wie/womit bekamst Du es weg?
Gibt es einen aktuellen AV Scan und Log?

Das wäre dann eher etwas für das Kompetenzteam und Punkt 1. oben in der Infobox.

Ansonsten, startest Du Windows mit einem Adminkonto?
Hast Du die Meldungen bei Programmen auch wenn Du sie über Rechtsklick als Administrator ausführen startest?

Was passiert im abgesicherten Modus? Hast Du dort auch diese Probleme?
__________________
LG
KhaosKatze

Hilfestellung erfolgt nach bestem Wissen und Gewissen! Die Durchführungsverantwortung liegt letztlich jedoch beim Fragesteller!

Letzter Wunsch des Programmierers: "Bitte ein Bit."

Alt 16.07.2012, 13:24   #5
Th0mas
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Wie Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk



Hallo KhaosKatze,

hab mir das Teil vor 2 Wochen eingefangen. Aufgrund meiner Klausuren hab ich den Laptop einfach aus gelassen.. Der Virenscanner findet nur Warungen und sonst nichts.
Das Problem besteht nach wie vor.

Bin ich im falschen Unterforum gelandet, eigtl. wollte ich Hilfe von euch. Ich habe keine Lösung des Problems.?

Zum Admin Konto: Ich habe nur ein Konto auf dem PC.
Nach dem letzten Virenscan von heut morgen kann ich jetzt wieder Dateien öffenen und sogar im normalen Modus den Virenscanner laufen lassen (vorher nur im abgesicherten Modus, bei dem es keine Probleme gab).

Was soll ich tun, damit das Teil wieder richtig läuft?

"1. Starte einen vollständigen Scan mit Anleitung: Malwarebytes Anti-Malware - Funde bitte in Quarantäne und nichts löschen. Am besten nichts selbst machen sondern Thema starten." ??

Ich hab gedacht durch die Protokolle oben wäre das besser?!

Danke für eure Hilfe!

Gruß Th0mas


Alt 16.07.2012, 14:05   #6
KhaosKatze
 
Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Standard

Wo Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk Lösung!



Zitat:
eigtl. wollte ich Hilfe von euch
Sollst Du auch bekommen!

Mein Verdacht ist einfach, dass sich noch Reste irgendwo befinden bzw. beim Entfernen eventuell etwas nicht so gelaufen ist, wie es sollte.

Zitat:
Der Virenscanner findet nur Warungen und sonst nichts.
Das Problem besteht nach wie vor.
Gut, der erstellt aber auch Logs von seinem Scan und die sind gar nicht mal so unwichtig.
Was heißt denn "nur" Warnungen?

Zitat:
Nach dem letzten Virenscan von heut morgen kann ich jetzt wieder Dateien öffenen und sogar im normalen Modus den Virenscanner laufen lassen (vorher nur im abgesicherten Modus, bei dem es keine Probleme gab).
Das klingt für mich jetzt z.B. so, als ob da etwas war, was jetzt gelöscht oder in Quarantäne gesetzt wurde und somit jetzt wieder zu einem etwas stabileren System geführt hat.
Gibt es Scanlogs?

Ich bin noch der Meinung, dass sich etwas auf Deinem System befindet und verwies Dich deshalb auf das Kompetenzteam und die InfoBox, weil alles andere nur Mutmaßungen wären, da derzeit niemand weiß
a) was auf Deinem System vor zwei Wochen drauf war
b) wie Du es entfernt hast

Ich kann Dir so akut jetzt hier nicht weiterhelfen.
(vermutlich mit Avast??)
__________________
--> Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk

Antwort

Themen zu Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk
acer timline ohne laufwerk, alternate, antivirus, avira, bho, bonjour, canon, desktop, error, excel, failed, feedback, fehlermeldungen, firefox, flash player, getwindowinfo, helper, home, install.exe, launch, lenovo, locker, logfile, microsoft office 2003, microsoft office word, mozilla, mywinlocker, ntdll.dll, object, pdfforge toolbar, plug-in, realtek, registry, searchscopes, security, senden, software, starten, svchost.exe, thomas, usb 2.0, vista, windows, windows vista




Ähnliche Themen: Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk


  1. Windows 7 / langsames System / Abstürze ohne Fehlermeldungen
    Log-Analyse und Auswertung - 08.03.2015 (19)
  2. BKA Trojaner unter Windows 7 ohne CD-Rom-Laufwerk
    Plagegeister aller Art und deren Bekämpfung - 04.02.2015 (15)
  3. Windows Vista, Acer Aspire 9305AWSMI, fährt kurz hoch dann Bildschirm schwarz
    Alles rund um Windows - 19.07.2014 (1)
  4. Windows Vista - "RunDLL"-Fehlermeldungen bei Start von Windows
    Log-Analyse und Auswertung - 20.04.2014 (9)
  5. Formatieren ohne Windows-CD, Ursprungsbetriebsystem Vista, jetzt aber Win7
    Alles rund um Windows - 01.12.2013 (2)
  6. Windows Vista: Wie neu aufsetzen ohne DVD?
    Alles rund um Windows - 21.11.2013 (6)
  7. Windows Vista - GVU-Trojaner / weißer Bildschrim ohne Internet
    Plagegeister aller Art und deren Bekämpfung - 05.03.2013 (5)
  8. Neuaufsetzen von Netbook Asus - ohne CD Laufwerk - Windows 7 Starter
    Alles rund um Windows - 24.07.2012 (2)
  9. Probleme mit Bluescreen Acer Notebook und Vista
    Alles rund um Windows - 31.05.2011 (17)
  10. Trojaner noch da? C Laufwerk noch unsichtbar
    Log-Analyse und Auswertung - 16.05.2011 (11)
  11. Wiederherstellung von Windows ohne Recovery Partition und DVD Laufwerk Problemen :/
    Netzwerk und Hardware - 02.02.2011 (5)
  12. Acer Laptop-Rechner arbeitet auf Hochtouren ohne jeglichen Grund
    Plagegeister aller Art und deren Bekämpfung - 09.01.2011 (11)
  13. Ron ads revenuebuster/Sparkassenseite fragt tan ab/ netbook ohne Laufwerk-windows neu drauf machen?
    Plagegeister aller Art und deren Bekämpfung - 07.09.2010 (17)
  14. Windows Vista mit der Recovery Cd formatieren. [Acer,Aspire,7730G]
    Alles rund um Windows - 28.02.2010 (3)
  15. CD-/DVD-Laufwerk ohne Zugriff
    Log-Analyse und Auswertung - 29.08.2009 (40)
  16. Problem mit Laufwerk unter Windows vista
    Netzwerk und Hardware - 03.04.2009 (2)

Zum Thema Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk - Hallo zusammen, ich hoffe Ihr könnt mir helfen. Ich kann meinen Laptop zwar starten, aber sobald sich Windows hochgefahren hatvgehts schon los mit den Fehlermeldungen und es geht nichts mehr. - Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk...
Archiv
Du betrachtest: Windows Vista nur noch Fehlermeldungen; SOS; Acer Timline ohne Laufwerk auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.