Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?

Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?


Log-Analyse und Auswertung: Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 22.11.2012, 21:38   #1
Andi73
 
Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner? - Standard

Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?


Hallo zusammen,

ich brauche dringend Eure Hilfe.

Nach einem Windows XP Update habe ich massive Probleme...

- Desktop icons sind zum Grossteil verschwunden, auch im Ordner nicht zu finden.
- Die Tastatur ist amerikanisch geworden, nicht korrigierbar.
- Mein Mailprogramm Outlook express ist weg.
-Firefox und IE verhalten sich seltsam, sind auch viel zu langsam
- OTL und defogger waren auch nicht zu downloaden, habs ueber nen Stick vom Laptop geholt.

Weiss nicht, was noch alles kaputt ist...
Auf dem Rechner ist meine Tochter als zweiter Benutzer angelegt, dort ist evtl. noch alles in Ordnung, hat aber auch nur ein paar Spiele drauf.

Habe ich einen Trojaner?

Bin fuer jede Hilfe dankbar, wenns geht in einfachen Worten...
Habe die logfiles laut Anweisung unten reinkopiert.

Schonmal vielen Dank
Gruss Andi





defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:31 on 22/11/2012 (ANDI)

Checking for autostart values...
Unable to open HKCU\~\Run key (5)
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-




OTL logfile created on: 22.11.2012 18:48:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

511,48 Mb Total Physical Memory | 343,11 Mb Available Physical Memory | 67,08% Memory free
1,22 Gb Paging File | 0,88 Gb Available in Paging File | 72,64% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,55 Gb Total Space | 1,28 Gb Free Space | 1,72% Space Free | Partition Type: NTFS
Drive D: | 68,64 Gb Total Space | 2,07 Gb Free Space | 3,01% Space Free | Partition Type: NTFS
Drive E: | 5,85 Gb Total Space | 2,21 Gb Free Space | 37,74% Space Free | Partition Type: FAT32
Drive L: | 3,91 Gb Total Space | 3,89 Gb Free Space | 99,46% Space Free | Partition Type: FAT32

Computer Name: PC-ANDI | User Name: ANDI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.11.22 18:39:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Desktop\OTL.exe
PRC - [2012.10.07 12:58:36 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.07.18 17:04:42 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2008.09.05 02:01:00 | 000,364,544 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WlanNetService.exe
PRC - [2008.04.14 06:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2002.09.20 15:29:30 | 000,053,248 | ---- | M] (Computer Associates) -- C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
PRC - [2001.02.23 09:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.17 15:45:54 | 000,058,880 | ---- | M] () -- C:\Programme\Claro LTD\claro\1.8.3.10\escortShld.dll
MOD - [2012.07.18 17:04:34 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.02.27 15:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2009.02.27 11:56:34 | 000,016,768 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.02 20:54:58 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.07 12:58:36 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programme\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008.09.05 02:01:00 | 000,364,544 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2004.04.28 08:07:22 | 000,196,666 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe -- (de_serv)
SRV - [2002.09.20 15:41:02 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand | Stopped] -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe -- (CA_LIC_SRVR)
SRV - [2002.09.20 15:29:30 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2002.09.20 15:27:06 | 000,077,824 | ---- | M] (Computer Associates) [On_Demand | Stopped] -- C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2001.11.12 12:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2001.02.23 09:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.18 17:04:42 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2012.07.18 17:04:42 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2012.07.18 17:04:42 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\avkmgr.sys -- (avkmgr)
DRV - [2011.07.07 15:13:46 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2011.06.02 06:47:22 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ssadmdm.sys -- (ssadmdm)
DRV - [2011.06.02 06:47:22 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ssadbus.sys -- (ssadbus)
DRV - [2011.06.02 06:47:22 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.03.28 14:34:42 | 000,113,432 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ghsmdm.sys -- (ghsmdm)
DRV - [2010.08.21 09:19:32 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.12 14:19:06 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2009.03.21 00:37:06 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\atksgt.sys -- (atksgt)
DRV - [2009.03.21 00:37:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys -- (lirsgt)
DRV - [2009.02.25 23:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2008.04.13 23:06:42 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mf.sys -- (mf)
DRV - [2008.01.23 09:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2006.10.06 02:00:00 | 000,014,976 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\avmunet.sys -- (AVMUNET)
DRV - [2006.07.31 01:02:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\fwlanusb.sys -- (FWLANUSB)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\MarvinBus.sys -- (MarvinBus)
DRV - [2004.04.28 07:58:44 | 000,027,648 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\WINDOWS\System32\DRIVERS\aadev.sys -- (aadev)
DRV - [2004.03.09 11:18:09 | 000,065,504 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.03.09 10:45:49 | 000,077,184 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.22 22:00:15 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.08.07 15:36:48 | 000,362,688 | ---- | M] (Intersil Americas Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\PRISMA00.sys -- (PRISM_A00)
DRV - [2003.06.12 07:47:42 | 000,024,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\PhTVTune.sys -- (PhTVTune)
DRV - [2003.06.05 07:04:22 | 000,350,752 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\Cap7134.sys -- (Cap7134)
DRV - [2003.05.22 16:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ctxs51.sys -- (Intels51)
DRV - [2003.03.20 14:01:46 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\pfc.sys -- (pfc)
DRV - [2002.12.17 17:36:22 | 000,730,880 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\WDMCAPI.sys -- (WDMCAPI)
DRV - [2002.12.09 17:21:28 | 000,026,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DRIVERS\wdmwanmp.sys -- (WDMWANMP)
DRV - [2002.07.15 10:43:06 | 000,073,660 | ---- | M] (elmeg Kommunikationstechnik) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\ElgTaDrv.sys -- (ElgTaDrv)
DRV - [2002.04.17 19:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\ASAPIW2K.sys -- (ASAPIW2K)
DRV - [2001.11.14 17:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\x10uif.sys -- (X10UIF)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 12:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\BrUsbScn.sys -- (BrUsbScn)
DRV - [2001.08.17 12:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Brfilt.sys -- (brfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}



========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.02 20:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.02 20:54:23 | 000,000,000 | ---D | M]

[2012.11.18 19:50:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.02 20:55:01 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.25 22:04:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.18 20:11:40 | 000,006,522 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.09.10 22:45:23 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.25 22:04:04 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.25 22:04:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.18 19:48:07 | 000,002,515 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
[2012.06.25 22:04:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.25 22:04:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2002.08.29 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Programme\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Programme\Savings Sidekick\Savings Sidekick.dll (215 Apps)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Programme\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [avast5] "C:\Programme\Alwil Software\Avast5\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [BCSSync] D:\Programme\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PCMService] C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe ()
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PRISMSTA.EXE] C:\WINDOWS\System32\PRISMSTA.exe (Intersil Americas Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [KB976002-v5] C:\WINDOWS\System32\browserchoice.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programme\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programme\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37884.393599537 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CD40BBD-E388-47EE-AAB5-BD466777B897}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.09.20 15:50:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.20 22:00:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Eigene Dateien
[2012.11.20 18:41:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\PCHealth
[2012.11.20 18:37:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.11.20 09:51:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.11.20 07:50:26 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2012.11.19 16:43:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Anwendungsdaten
[2012.11.19 16:43:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.11.19 16:40:13 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Recent
[2012.11.19 16:40:13 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Favoriten
[2012.11.19 16:40:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Startmenü
[2012.11.19 16:40:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Desktop
[2012.11.19 16:33:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Vorlagen
[2012.11.19 16:33:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Cookies
[2012.11.19 16:33:30 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen
[2012.11.19 16:33:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.11.19 07:04:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2012.11.18 20:12:38 | 000,000,000 | ---D | C] -- C:\Programme\Claro LTD
[2012.11.18 20:10:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012.11.18 20:10:22 | 000,000,000 | ---D | C] -- C:\Programme\Savings Sidekick
[2012.11.18 20:09:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService
[2012.11.18 20:08:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Browser Manager
[2012.11.18 20:08:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Software
[2012.11.18 20:08:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\NCH Software Produktpalette
[2012.11.18 20:08:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Audioverwandte Programme
[2012.11.18 20:07:59 | 000,000,000 | ---D | C] -- C:\Programme\NCH Software
[2012.11.18 19:47:47 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll
[2012.11.18 19:47:47 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll
[2012.11.18 19:47:47 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll
[2012.11.18 19:47:47 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll
[2012.11.18 19:47:47 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2012.11.18 19:47:47 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar
[2012.11.18 19:47:46 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll
[2012.11.18 19:47:46 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll
[2012.11.18 19:47:46 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll
[2012.11.18 19:47:31 | 000,000,000 | ---D | C] -- C:\Programme\Free mp3 Wma Converter
[2012.11.18 09:06:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.11.15 18:41:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.11.15 18:40:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012.11.12 22:29:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SharePoint
[2012.11.12 22:29:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2012.11.12 22:13:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.11.12 22:11:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework
[2012.11.12 22:11:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Microsoft
[2012.11.12 21:40:45 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8
[2012.11.12 21:36:58 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Analysis Services
[2012.11.12 21:35:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
[2012.11.06 20:26:22 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2012.11.02 20:54:12 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.10.28 14:51:52 | 000,000,000 | ---D | C] -- C:\HDW40_TMP
[2012.10.28 14:51:52 | 000,000,000 | ---D | C] -- \HDW40_TMP
[2012.10.28 14:05:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
[2012.10.28 13:45:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Panasonic
[2012.10.28 13:44:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2012.10.28 13:44:36 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2012.10.28 13:33:00 | 000,000,000 | ---D | C] -- C:\Programme\Panasonic
[2012.10.28 13:33:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Panasonic
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.11.22 18:31:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.22 18:04:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.22 15:31:46 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.22 15:31:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.22 15:31:20 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.21 20:10:05 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\WavePadReminder.job
[2012.11.20 18:38:45 | 000,002,327 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Handbuch LuP.lnk
[2012.11.20 16:51:56 | 000,413,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.20 11:38:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.11.20 08:46:11 | 000,497,432 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.20 08:46:11 | 000,476,666 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.20 08:46:11 | 000,093,546 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.20 08:46:11 | 000,078,124 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.19 21:31:01 | 000,003,584 | ---- | M] () -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.18 20:10:27 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
[2012.11.18 20:09:00 | 000,001,683 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2012.11.18 20:07:59 | 000,000,779 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Switch Audiodatei-Konverter.lnk
[2012.11.18 19:38:40 | 000,006,211 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2012.11.17 18:06:27 | 000,004,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\00000316.LCS
[2012.11.17 18:05:42 | 000,000,170 | ---- | M] () -- C:\WINDOWS\Lilli.ini
[2012.11.17 18:05:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Lado.ini
[2012.11.10 21:33:22 | 000,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2012.11.04 12:01:55 | 000,002,653 | ---- | M] () -- C:\WINDOWS\BRMFBIDI.INI
[2012.10.28 13:47:53 | 000,001,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\HD Writer AE 4.0.lnk
[2012.10.28 13:47:40 | 000,001,843 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HD Writer.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.19 21:31:00 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.18 20:10:22 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\WavePadSevenDays.job
[2012.11.18 20:10:09 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\WavePadReminder.job
[2012.11.18 20:08:58 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WavePad Audiobearbeitungs-Software.lnk
[2012.11.18 20:08:49 | 000,002,343 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WavePad Audiobearbeitungs-Software.lnk
[2012.11.18 20:07:59 | 000,000,785 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Switch Audiodatei-Konverter.lnk
[2012.11.18 20:07:59 | 000,000,779 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Switch Audiodatei-Konverter.lnk
[2012.11.18 19:47:47 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2012.11.17 21:53:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.11.17 21:53:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.11.17 18:06:20 | 000,004,096 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\00000316.LCS
[2012.11.17 18:05:42 | 000,000,170 | ---- | C] () -- C:\WINDOWS\Lilli.ini
[2012.11.17 18:05:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Lado.ini
[2012.10.28 13:47:53 | 000,001,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\HD Writer AE 4.0.lnk
[2012.10.28 13:47:40 | 000,001,843 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HD Writer.lnk
[2012.10.17 23:40:35 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Bibi9.ini
[2012.09.12 01:06:37 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
[2012.09.02 22:43:21 | 000,676,192 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat~
[2012.08.13 23:30:43 | 000,286,522 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1104822298-1577598727-3632224209-1008-0.dat
[2012.07.18 01:07:51 | 000,356,618 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.06.26 15:02:40 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.06.26 15:02:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.06.26 15:02:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.06.26 15:02:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.06.26 15:02:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.12.04 15:40:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\screen_bibi_und_tina.ini
[2009.12.20 19:05:30 | 000,000,960 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ss.ini
[2009.03.31 21:21:46 | 536,399,872 | -HS- | C] () -- \hiberfil.sys
[2009.03.16 14:36:48 | 013,264,160 | ---- | C] () -- \dxnt.cab
[2009.03.16 14:36:48 | 004,162,622 | ---- | C] () -- \Apr2006_MDX1_x86_Archive.cab
[2009.03.16 14:36:48 | 001,973,694 | ---- | C] () -- \Mar2009_d3dx9_41_x64.cab
[2009.03.16 14:36:48 | 001,906,870 | ---- | C] () -- \Nov2008_d3dx9_40_x64.cab
[2009.03.16 14:36:48 | 001,800,152 | ---- | C] () -- \AUG2007_d3dx9_35_x64.cab
[2009.03.16 14:36:48 | 001,794,076 | ---- | C] () -- \Aug2008_d3dx9_39_x64.cab
[2009.03.16 14:36:46 | 001,802,050 | ---- | C] () -- \Nov2007_d3dx9_36_x64.cab
[2009.03.16 14:36:46 | 001,792,600 | ---- | C] () -- \JUN2008_d3dx9_38_x64.cab
[2009.03.16 14:36:46 | 001,769,854 | ---- | C] () -- \Mar2008_d3dx9_37_x64.cab
[2009.03.16 14:36:44 | 001,709,352 | ---- | C] () -- \Nov2007_d3dx9_36_x86.cab
[2009.03.16 14:36:44 | 001,155,483 | ---- | C] () -- \BDANT.cab
[2009.03.16 14:36:44 | 001,115,221 | ---- | C] () -- \Apr2006_d3dx9_30_x86.cab
[2009.03.16 14:36:44 | 001,084,712 | ---- | C] () -- \Feb2006_d3dx9_29_x86.cab
[2009.03.16 14:36:42 | 001,350,534 | ---- | C] () -- \Aug2005_d3dx9_27_x64.cab
[2009.03.16 14:36:42 | 001,127,209 | ---- | C] () -- \OCT2006_d3dx9_31_x86.cab
[2009.03.16 14:36:42 | 001,079,456 | ---- | C] () -- \Dec2005_d3dx9_28_x86.cab
[2009.03.16 14:36:42 | 001,078,954 | ---- | C] () -- \Apr2005_d3dx9_25_x86.cab
[2009.03.16 14:36:42 | 001,077,644 | ---- | C] () -- \Aug2005_d3dx9_27_x86.cab
[2009.03.16 14:36:42 | 001,067,160 | ---- | C] () -- \Mar2009_d3dx10_41_x64.cab
[2009.03.16 14:36:42 | 001,064,917 | ---- | C] () -- \Jun2005_d3dx9_26_x86.cab
[2009.03.16 14:36:42 | 001,040,745 | ---- | C] () -- \Mar2009_d3dx10_41_x86.cab
[2009.03.16 14:36:42 | 001,013,217 | ---- | C] () -- \Feb2005_d3dx9_24_x86.cab
[2009.03.16 14:36:42 | 000,994,146 | ---- | C] () -- \Nov2008_d3dx10_40_x64.cab
[2009.03.16 14:36:40 | 001,607,766 | ---- | C] () -- \JUN2007_d3dx9_34_x64.cab
[2009.03.16 14:36:40 | 001,607,286 | ---- | C] () -- \JUN2007_d3dx9_34_x86.cab
[2009.03.16 14:36:40 | 001,347,346 | ---- | C] () -- \Apr2005_d3dx9_25_x64.cab
[2009.03.16 14:36:38 | 001,708,144 | ---- | C] () -- \AUG2007_d3dx9_35_x86.cab
[2009.03.16 14:36:38 | 001,612,446 | ---- | C] () -- \Mar2009_d3dx9_41_x86.cab
[2009.03.16 14:36:38 | 001,607,358 | ---- | C] () -- \APR2007_d3dx9_33_x64.cab
[2009.03.16 14:36:38 | 001,606,039 | ---- | C] () -- \APR2007_d3dx9_33_x86.cab
[2009.03.16 14:36:38 | 001,574,376 | ---- | C] () -- \DEC2006_d3dx9_32_x86.cab
[2009.03.16 14:36:38 | 001,571,154 | ---- | C] () -- \DEC2006_d3dx9_32_x64.cab
[2009.03.16 14:36:38 | 001,550,796 | ---- | C] () -- \Nov2008_d3dx9_40_x86.cab
[2009.03.16 14:36:38 | 001,464,664 | ---- | C] () -- \Aug2008_d3dx9_39_x86.cab
[2009.03.16 14:36:38 | 001,463,878 | ---- | C] () -- \JUN2008_d3dx9_38_x86.cab
[2009.03.16 14:36:38 | 001,443,282 | ---- | C] () -- \Mar2008_d3dx9_37_x86.cab
[2009.03.16 14:36:38 | 001,412,894 | ---- | C] () -- \OCT2006_d3dx9_31_x64.cab
[2009.03.16 14:36:38 | 001,397,830 | ---- | C] () -- \Apr2006_d3dx9_30_x64.cab
[2009.03.16 14:36:38 | 001,362,788 | ---- | C] () -- \Feb2006_d3dx9_29_x64.cab
[2009.03.16 14:36:38 | 001,357,976 | ---- | C] () -- \Dec2005_d3dx9_28_x64.cab
[2009.03.16 14:36:38 | 001,335,994 | ---- | C] () -- \Jun2005_d3dx9_26_x64.cab
[2009.03.16 14:36:38 | 001,247,499 | ---- | C] () -- \Feb2005_d3dx9_24_x64.cab
[2009.03.16 14:36:38 | 000,975,148 | ---- | C] () -- \BDAXP.cab
[2009.03.16 14:36:38 | 000,965,413 | ---- | C] () -- \Nov2008_d3dx10_40_x86.cab
[2009.03.16 14:36:38 | 000,916,422 | ---- | C] () -- \Apr2006_MDX1_x86.cab
[2009.03.16 14:36:38 | 000,867,828 | ---- | C] () -- \JUN2008_d3dx10_38_x64.cab
[2009.03.16 14:36:38 | 000,867,604 | ---- | C] () -- \Aug2008_d3dx10_39_x64.cab
[2009.03.16 14:36:36 | 000,864,592 | ---- | C] () -- \Nov2007_d3dx10_36_x64.cab
[2009.03.16 14:36:36 | 000,852,278 | ---- | C] () -- \AUG2007_d3dx10_35_x64.cab
[2009.03.16 14:36:36 | 000,849,919 | ---- | C] () -- \JUN2008_d3dx10_38_x86.cab
[2009.03.16 14:36:36 | 000,849,159 | ---- | C] () -- \Aug2008_d3dx10_39_x86.cab
[2009.03.16 14:36:34 | 000,844,884 | ---- | C] () -- \Mar2008_d3dx10_37_x64.cab
[2009.03.16 14:36:34 | 000,818,252 | ---- | C] () -- \Mar2008_d3dx10_37_x86.cab
[2009.03.16 14:36:34 | 000,803,884 | ---- | C] () -- \Nov2007_d3dx10_36_x86.cab
[2009.03.16 14:36:34 | 000,796,859 | ---- | C] () -- \AUG2007_d3dx10_35_x86.cab
[2009.03.16 14:36:34 | 000,698,612 | ---- | C] () -- \APR2007_d3dx10_33_x64.cab
[2009.03.16 14:36:34 | 000,698,472 | ---- | C] () -- \JUN2007_d3dx10_34_x86.cab
[2009.03.16 14:36:34 | 000,273,990 | ---- | C] () -- \Nov2008_XAudio_x64.cab
[2009.03.16 14:36:32 | 000,699,036 | ---- | C] () -- \JUN2007_d3dx10_34_x64.cab
[2009.03.16 14:36:32 | 000,695,857 | ---- | C] () -- \APR2007_d3dx10_33_x86.cab
[2009.03.16 14:36:32 | 000,273,203 | ---- | C] () -- \Nov2008_XAudio_x86.cab
[2009.03.16 14:36:32 | 000,271,360 | ---- | C] () -- \Aug2008_XAudio_x64.cab
[2009.03.16 14:36:32 | 000,269,842 | ---- | C] () -- \Aug2008_XAudio_x86.cab
[2009.03.16 14:36:32 | 000,269,620 | ---- | C] () -- \JUN2008_XAudio_x64.cab
[2009.03.16 14:36:32 | 000,269,016 | ---- | C] () -- \JUN2008_XAudio_x86.cab
[2009.03.16 14:36:30 | 000,275,036 | ---- | C] () -- \Mar2009_XAudio_x64.cab
[2009.03.16 14:36:30 | 000,273,010 | ---- | C] () -- \Mar2009_XAudio_x86.cab
[2009.03.16 14:36:30 | 000,251,194 | ---- | C] () -- \Mar2008_XAudio_x64.cab
[2009.03.16 14:36:30 | 000,226,242 | ---- | C] () -- \Mar2008_XAudio_x86.cab
[2009.03.16 14:36:30 | 000,212,799 | ---- | C] () -- \DEC2006_d3dx10_00_x64.cab
[2009.03.16 14:36:30 | 000,191,720 | ---- | C] () -- \DEC2006_d3dx10_00_x86.cab
[2009.03.16 14:36:28 | 000,198,088 | ---- | C] () -- \AUG2007_XACT_x64.cab
[2009.03.16 14:36:28 | 000,197,122 | ---- | C] () -- \JUN2007_XACT_x64.cab
[2009.03.16 14:36:28 | 000,196,754 | ---- | C] () -- \NOV2007_XACT_x64.cab
[2009.03.16 14:36:28 | 000,182,361 | ---- | C] () -- \OCT2006_XACT_x64.cab
[2009.03.16 14:36:28 | 000,180,777 | ---- | C] () -- \JUN2006_XACT_x64.cab
[2009.03.16 14:36:28 | 000,179,125 | ---- | C] () -- \Apr2006_XACT_x64.cab
[2009.03.16 14:36:28 | 000,178,351 | ---- | C] () -- \Feb2006_XACT_x64.cab
[2009.03.16 14:36:26 | 000,195,758 | ---- | C] () -- \APR2007_XACT_x64.cab
[2009.03.16 14:36:26 | 000,194,675 | ---- | C] () -- \FEB2007_XACT_x64.cab
[2009.03.16 14:36:26 | 000,192,475 | ---- | C] () -- \DEC2006_XACT_x64.cab
[2009.03.16 14:36:26 | 000,182,895 | ---- | C] () -- \AUG2006_XACT_x64.cab
[2009.03.16 14:36:26 | 000,151,225 | ---- | C] () -- \APR2007_XACT_x86.cab
[2009.03.16 14:36:24 | 000,153,004 | ---- | C] () -- \AUG2007_XACT_x86.cab
[2009.03.16 14:36:24 | 000,152,909 | ---- | C] () -- \JUN2007_XACT_x86.cab
[2009.03.16 14:36:24 | 000,147,975 | ---- | C] () -- \FEB2007_XACT_x86.cab
[2009.03.16 14:36:22 | 000,148,264 | ---- | C] () -- \NOV2007_XACT_x86.cab
[2009.03.16 14:36:22 | 000,145,591 | ---- | C] () -- \DEC2006_XACT_x86.cab
[2009.03.16 14:36:22 | 000,138,017 | ---- | C] () -- \OCT2006_XACT_x86.cab
[2009.03.16 14:36:22 | 000,137,227 | ---- | C] () -- \AUG2006_XACT_x86.cab
[2009.03.16 14:36:20 | 000,133,663 | ---- | C] () -- \JUN2006_XACT_x86.cab
[2009.03.16 14:36:20 | 000,133,095 | ---- | C] () -- \Apr2006_XACT_x86.cab
[2009.03.16 14:36:20 | 000,132,409 | ---- | C] () -- \Feb2006_XACT_x86.cab
[2009.03.16 14:36:20 | 000,122,328 | ---- | C] () -- \Mar2008_XACT_x64.cab
[2009.03.16 14:36:20 | 000,121,824 | ---- | C] () -- \Aug2008_XACT_x64.cab
[2009.03.16 14:36:20 | 000,121,746 | ---- | C] () -- \Nov2008_XACT_x64.cab
[2009.03.16 14:36:20 | 000,121,498 | ---- | C] () -- \Mar2009_XACT_x64.cab
[2009.03.16 14:36:20 | 000,121,046 | ---- | C] () -- \JUN2008_XACT_x64.cab
[2009.03.16 14:36:20 | 000,096,817 | ---- | C] () -- \APR2007_xinput_x64.cab
[2009.03.16 14:36:20 | 000,093,726 | ---- | C] () -- \Mar2008_XACT_x86.cab
[2009.03.16 14:36:20 | 000,093,120 | ---- | C] () -- \JUN2008_XACT_x86.cab
[2009.03.16 14:36:20 | 000,093,004 | ---- | C] () -- \Aug2008_XACT_x86.cab
[2009.03.16 14:36:18 | 000,095,296 | ---- | C] () -- \dxupdate.cab
[2009.03.16 14:36:18 | 000,092,688 | ---- | C] () -- \Nov2008_XACT_x86.cab
[2009.03.16 14:36:16 | 001,691,464 | ---- | C] () -- \dsetup32.dll
[2009.03.16 14:36:16 | 000,092,732 | ---- | C] () -- \Mar2009_XACT_x86.cab
[2009.03.16 14:36:16 | 000,087,134 | ---- | C] () -- \AUG2006_xinput_x64.cab
[2009.03.16 14:36:16 | 000,087,093 | ---- | C] () -- \Apr2006_xinput_x64.cab
[2009.03.16 14:36:16 | 000,086,029 | ---- | C] () -- \Oct2005_xinput_x64.cab
[2009.03.16 14:36:14 | 000,055,154 | ---- | C] () -- \JUN2008_X3DAudio_x64.cab
[2009.03.16 14:36:14 | 000,055,058 | ---- | C] () -- \Mar2008_X3DAudio_x64.cab
[2009.03.16 14:36:14 | 000,053,302 | ---- | C] () -- \APR2007_xinput_x86.cab
[2009.03.16 14:36:12 | 000,055,110 | ---- | C] () -- \Nov2008_X3DAudio_x64.cab
[2009.03.16 14:36:12 | 000,054,592 | ---- | C] () -- \Mar2009_X3DAudio_x64.cab
[2009.03.16 14:36:12 | 000,046,144 | ---- | C] () -- \NOV2007_X3DAudio_x64.cab
[2009.03.16 14:36:12 | 000,046,050 | ---- | C] () -- \AUG2006_xinput_x86.cab
[2009.03.16 14:36:12 | 000,046,002 | ---- | C] () -- \Apr2006_xinput_x86.cab
[2009.03.16 14:36:12 | 000,045,359 | ---- | C] () -- \Oct2005_xinput_x86.cab
[2009.03.16 14:36:12 | 000,044,444 | ---- | C] () -- \dxdllreg_x86.cab
[2009.03.16 14:36:12 | 000,021,897 | ---- | C] () -- \JUN2008_X3DAudio_x86.cab
[2009.03.16 14:36:12 | 000,021,867 | ---- | C] () -- \Mar2008_X3DAudio_x86.cab
[2009.03.16 14:36:12 | 000,021,836 | ---- | C] () -- \Nov2008_X3DAudio_x86.cab
[2009.03.16 14:36:12 | 000,018,488 | ---- | C] () -- \NOV2007_X3DAudio_x86.cab
[2009.03.16 14:36:10 | 000,021,298 | ---- | C] () -- \Mar2009_X3DAudio_x86.cab
[2009.03.16 14:35:46 | 000,525,128 | ---- | C] () -- \DXSETUP.exe
[2009.03.16 14:35:34 | 000,094,024 | ---- | C] () -- \DSETUP.dll
[2003.09.22 21:55:19 | 000,040,960 | ---- | C] () -- C:\Programme\Uninstall_PCM.exe
[2003.09.21 00:42:11 | 000,000,211 | RHS- | C] () -- \boot.ini
[2003.09.21 00:42:04 | 000,251,712 | RHS- | C] () -- \ntldr
[2003.09.21 00:42:04 | 000,047,564 | RHS- | C] () -- \NTDETECT.COM
[2003.09.21 00:42:01 | 000,004,952 | RHS- | C] () -- \bootfont.bin
[2003.09.20 18:11:34 | 000,000,499 | -H-- | C] () -- \IPH.PH
[2003.09.20 15:50:07 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2003.09.20 15:50:07 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2003.09.20 15:50:07 | 000,000,000 | ---- | C] () -- \CONFIG.SYS
[2003.09.20 15:50:07 | 000,000,000 | ---- | C] () -- \AUTOEXEC.BAT

========== ZeroAccess Check ==========

[2003.09.20 15:54:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 06:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2008.04.14 06:52:12 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========


========== Purity Check ==========



< End of report >




OTL Extras logfile created on: 22.11.2012 18:48:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ANDI.PC-ANDI.010\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:

511,48 Mb Total Physical Memory | 343,11 Mb Available Physical Memory | 67,08% Memory free
1,22 Gb Paging File | 0,88 Gb Available in Paging File | 72,64% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,55 Gb Total Space | 1,28 Gb Free Space | 1,72% Space Free | Partition Type: NTFS
Drive D: | 68,64 Gb Total Space | 2,07 Gb Free Space | 3,01% Space Free | Partition Type: NTFS
Drive E: | 5,85 Gb Total Space | 2,21 Gb Free Space | 37,74% Space Free | Partition Type: FAT32
Drive L: | 3,91 Gb Total Space | 3,89 Gb Free Space | 99,46% Space Free | Partition Type: FAT32

Computer Name: PC-ANDI | User Name: ANDI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programme\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programme\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealOne Player -- (RealNetworks, Inc.)
"C:\Programme\Pinnacle\Studio 14\Programs\RM.exe" = C:\Programme\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager
"C:\Programme\Pinnacle\Studio 14\Programs\Studio.exe" = C:\Programme\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio
"C:\Programme\Pinnacle\Studio 14\Programs\umi.exe" = C:\Programme\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Dokumente und Einstellungen\ANDI\Lokale Einstellungen\Temp\WZSE0.TMP\fsetup.exe" = C:\Dokumente und Einstellungen\ANDI\Lokale Einstellungen\Temp\WZSE0.TMP\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"D:\Programme\Office14\GROOVE.EXE" = D:\Programme\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"D:\Programme\Office14\ONENOTE.EXE" = D:\Programme\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"D:\Programme\Office14\OUTLOOK.EXE" = D:\Programme\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:EnabledTX broker -- (Visicom Media Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D42BF0-ED08-463f-8A28-99EB6FEE962B}" = ZTE Handset USB Driver
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FABA7C7-6DC0-11D6-9EAB-0050BAE317E1}" = VideoLive Mail
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema 2.0
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200}" = CA Licensing
"{31CB0D80-1866-462A-9455-88614410971F}" = Driver: Parallel Lines
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D1A6B70-3E02-49BC-88B0-916C80274632}" = Informationen über Ihren PC
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{406A89D6-09E6-4550-B370-8D376DDB56BE}" = Adobe Flash Player 10 ActiveX
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH(R) Jukebox
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = SPEEDLINK Strike 2 Gamepad
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.30
"{541FFA8F-2772-4FA7-A63E-F98493A1EEE1}" = T-Concept XI420 TAPI
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Home Cinema XL II
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 14
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{927AE974-7B5B-463B-A672-D3B048664D6B}" = T-Concept XI420
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACEBC7B-4D46-462A-929C-99177EC5BEA6}" = InstantCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C538AA5E-2F9C-48DC-AD5C-B21CE34EA10B}" = Löwenzahn und Pusteblume
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1955A3A-EA24-4682-8641-43B5B688B09A}" = USB Wireless Keyboard Driver Ver1.24M
"{D2D77DC2-8299-11D1-8949-444553540000}_is1" = Handset USB Driver
"{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}" = Race Driver 2
"{DAC69A3A-89E6-4B70-B486-B974C2C95BE9}" = HD Writer AE 4.0
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Medion Flash XL
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMFBox" = FRITZ!Box
"AVMWLANCLI" = AVM FRITZ!WLAN
"claro" = Claro LTD toolbar
"C-Media Audio" = C-Media 3D Audio
"C-Media Audio Driver" = C-Media WDM Audio Driver
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"FRITZ!DSL" = AVM FRITZ!DSL
"ie8" = Windows Internet Explorer 8
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"InstallShield_{D474A0E8-4421-43C0-BE8E-F454F91E2E2A}" = Race Driver 2
"IrfanView" = IrfanView (remove only)
"MediaShow" = Medi@Show
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 12.0" = RealPlayer
"Savings Sidekick" = Savings Sidekick
"screen_bibi_und_tina_is1" = screen_bibi_und_tina
"Searchqu Toolbar" = Windows Searchqu Toolbar
"Shockwave" = Shockwave
"Switch" = Switch Audiodatei-Konverter
"Tivola Lauras Stern" = Tivola Lauras Stern
"ViewpointMediaPlayer" = Viewpoint Media Player
"WavePad" = WavePad Audiobearbeitungs-Software
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zahlenzauber 1_is1" = Zahlenzauber 1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.11.2012 09:03:44 | Computer Name = PC-ANDI | Source = MsiInstaller | ID = 11711
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Beim
Versuch, Installationsinformationen auf die Festplatte zu schreiben, ist ein Fehler
aufgetreten. Überprüfen Sie, ob genügend Speicherplatz verfügbar ist, und klicken
Sie auf "Wiederholen". Oder klicken Sie auf "Abbrechen", um die Installation zu
abzubrechen.

Error - 20.11.2012 09:03:50 | Computer Name = PC-ANDI | Source = MsiInstaller | ID = 11711
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Beim
Versuch, Installationsinformationen auf die Festplatte zu schreiben, ist ein Fehler
aufgetreten. Überprüfen Sie, ob genügend Speicherplatz verfügbar ist, und klicken
Sie auf "Wiederholen". Oder klicken Sie auf "Abbrechen", um die Installation zu
abzubrechen.

Error - 20.11.2012 09:03:56 | Computer Name = PC-ANDI | Source = MsiInstaller | ID = 11711
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Beim
Versuch, Installationsinformationen auf die Festplatte zu schreiben, ist ein Fehler
aufgetreten. Überprüfen Sie, ob genügend Speicherplatz verfügbar ist, und klicken
Sie auf "Wiederholen". Oder klicken Sie auf "Abbrechen", um die Installation zu
abzubrechen.

Error - 20.11.2012 09:04:02 | Computer Name = PC-ANDI | Source = MsiInstaller | ID = 11711
Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Error 1711.Beim
Versuch, Installationsinformationen auf die Festplatte zu schreiben, ist ein Fehler
aufgetreten. Überprüfen Sie, ob genügend Speicherplatz verfügbar ist, und klicken
Sie auf "Wiederholen". Oder klicken Sie auf "Abbrechen", um die Installation zu
abzubrechen.

Error - 20.11.2012 11:54:41 | Computer Name = PC-ANDI | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 20.11.2012 13:28:20 | Computer Name = PC-ANDI | Source = MsiInstaller | ID = 11704
Description = Produkt: Apple Software Update -- Fehler 1704. Eine Installation von
Microsoft .NET Framework 2.0 Service Pack 2 ist im Augenblick unterbrochen. Sie
müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen,
bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig
machen?

Error - 20.11.2012 13:37:44 | Computer Name = PC-ANDI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrord32.exe, Version 9.1.0.163, fehlgeschlagenes
Modul msvcr80.dll, Version 8.0.50727.6195, Fehleradresse 0x000046b4.

Error - 20.11.2012 13:38:51 | Computer Name = PC-ANDI | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrord32.exe, Version 9.1.0.163, fehlgeschlagenes
Modul msvcr80.dll, Version 8.0.50727.6195, Fehleradresse 0x000046b4.

Error - 20.11.2012 17:09:45 | Computer Name = PC-ANDI | Source = Microsoft Office 14 | ID = 1000
Description = Faulting application groove.exe, version 14.0.4761.1000, stamp 4bab9a34,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802bfc0, debug? 0,
fault address 0x00012aeb.

Error - 21.11.2012 13:13:53 | Computer Name = PC-ANDI | Source = Microsoft Office 14 | ID = 1000
Description = Faulting application groove.exe, version 14.0.4761.1000, stamp 4bab9a34,
faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802bfc0, debug? 0,
fault address 0x00012aeb.

[ System Events ]
Error - 20.11.2012 13:33:06 | Computer Name = PC-ANDI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126

Error - 20.11.2012 13:33:06 | Computer Name = PC-ANDI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126

Error - 20.11.2012 13:33:07 | Computer Name = PC-ANDI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126

Error - 20.11.2012 13:33:07 | Computer Name = PC-ANDI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126

Error - 20.11.2012 13:33:07 | Computer Name = PC-ANDI | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Anwendungsverwaltung" wurde mit folgendem Fehler beendet:
%%126

Error - 20.11.2012 15:22:39 | Computer Name = PC-ANDI | Source = VolSnap | ID = 393226
Description = Die Schattenkopie von Volume "C:" hat das Installationszeitlimit überschritten.

Error - 20.11.2012 17:10:23 | Computer Name = PC-ANDI | Source = DCOM | ID = 10010
Description = Der Server "{323AE3F4-DBC8-4E77-9E5C-97F31EE2CD63}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error - 21.11.2012 13:14:28 | Computer Name = PC-ANDI | Source = DCOM | ID = 10010
Description = Der Server "{323AE3F4-DBC8-4E77-9E5C-97F31EE2CD63}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error - 21.11.2012 16:38:25 | Computer Name = PC-ANDI | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00040EFE1A70 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.

Error - 21.11.2012 16:44:36 | Computer Name = PC-ANDI | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 00040EFE1A70 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.


< End of report >

 

Themen zu Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?
amerika, antivir, avira, bandoo, bho, browser, desktop, dringend, error, excel, festplatte, flash player, fontcache, grand theft auto, helper, home, mozilla, mp3, msiinstaller, msvcr80.dll, object, plug-in, registry, rückgängig, savings, scan, security, senden, sidekick, stick, tastatur, trojaner, trojaner?, visual studio, windows, windows internet, windows xp


« Virus "Deutsche Post" Aufforderung zur Sendungsabholung | OTL-Scan auswerten »


Ähnliche Themen: Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?


  1. Probleme mit NVIDEA Systemsteuerung nach Windows 10 update
    Netzwerk und Hardware - 06.08.2015 (1)
  2. Win8, DHL-mail geöffnet nach Win-Update HDI-Tastatur keine funktion (Code 19)
    Log-Analyse und Auswertung - 27.05.2015 (12)
  3. Windows 8.1: Probleme nach Update
    Log-Analyse und Auswertung - 12.03.2015 (13)
  4. Nach Windows 7 "Update" nicht mehr bootfähig (Tastatur blockiert)
    Plagegeister aller Art und deren Bekämpfung - 19.12.2014 (3)
  5. Tastatur ohne Funktion bei Update auf Windows 8.1
    Alles rund um Windows - 30.10.2014 (46)
  6. Windows 8: Tastatur spielt verrückt und andere Probleme
    Log-Analyse und Auswertung - 09.06.2014 (9)
  7. Win 8 : Probleme und Windows Verson Installer 2011-2014 nach Java Update
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (9)
  8. Nach GDATA Update ohne Maus/Tastatur aus dem System ausgesperrt! Dringend!
    Antiviren-, Firewall- und andere Schutzprogramme - 27.05.2014 (1)
  9. Windows Vista 32Bit: Probleme nach Reparatur von Fake Java Update mit MalwareBytes
    Alles rund um Windows - 13.05.2014 (9)
  10. Probleme nach Java Update
    Plagegeister aller Art und deren Bekämpfung - 01.05.2014 (19)
  11. XP Laptop: Probleme nach trash.gen australianbrewingcompany Trojaner / keine Tastatur oder schwarzer Bildschirm
    Log-Analyse und Auswertung - 01.02.2014 (19)
  12. Tastatur funktioniert nicht mehr nach Update auf Windows 8.1
    Alles rund um Windows - 14.12.2013 (11)
  13. Unregelmäßige Probleme nach FF3 Update mit SP3
    Plagegeister aller Art und deren Bekämpfung - 01.10.2008 (1)
  14. Probleme nach dem Update von Win2000-XP
    Alles rund um Windows - 31.03.2007 (2)
  15. Probleme nach Update von Zonealarm
    Antiviren-, Firewall- und andere Schutzprogramme - 13.04.2006 (3)
  16. Probleme nach automatischem Win-Update
    Alles rund um Windows - 19.03.2006 (6)
  17. Probleme nach AntiVir update
    Alles rund um Windows - 07.11.2004 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner? - Hallo zusammen, ich brauche dringend Eure Hilfe. Nach einem Windows XP Update habe ich massive Probleme... - Desktop icons sind zum Grossteil verschwunden, auch im Ordner nicht zu finden. - - Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner?...
Archiv
Du betrachtest: Probleme nach Windows Update mit Desktop, Tastatur etc. Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19