![]() |
|
Plagegeister aller Art und deren Bekämpfung: Malware Problem "Savenow", "Superfish" etc.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() | #1 | |
![]() | ![]() Malware Problem "Savenow", "Superfish" etc. Hallo Cosinus und Co. ich habe ein Malwareproblem. Ständig poppen irgendwelche Werbebanner auf Seiten auf, die vorher nicht da waren und gehen mir extrem auf die Nerven. Auffällig bei Ebay u. ä. Ich habe für´s Erste ausmachen können, dass es sich um irgendwas mit Superfish und savenow handelt. Ich habe schon folgendes unternommen: Logfile von aswMBR in der neusten Version erstellt Logfile von OTL erstellt und Logfile von Kaspersky TDSSKiller. Um schon mal etwas Vorarbeit zu leisten. Es wäre nett wenn man mir mit meinem Problem helfen könnte, so dass ich den Rechner wieder frei von diesen Popups bekomme. Die Logs poste ich als Antwort hinten dran. Gruß Rene2k OTL Logfile: Code:
ATTFilter OTL logfile created on: 28.11.2012 15:51:29 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\jassy\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,09% Memory free 4,00 Gb Paging File | 3,06 Gb Available in Paging File | 76,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 99,17 Gb Total Space | 98,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS Drive D: | 29,29 Gb Total Space | 2,65 Gb Free Space | 9,06% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 38,51 Gb Free Space | 19,72% Space Free | Partition Type: NTFS Drive F: | 48,83 Gb Total Space | 29,49 Gb Free Space | 60,39% Space Free | Partition Type: NTFS Computer Name: JASSY-PC | User Name: jassy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Users\jassy\Desktop\OTL.exe (OldTimer Tools) PRC - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - D:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - D:\Programme\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd) PRC - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - D:\Programme\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) PRC - D:\Windows\explorer.exe (Microsoft Corporation) PRC - D:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - D:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - D:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - D:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - D:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) PRC - D:\Windows\System32\FsUsbExService.Exe (Teruten) ========== Modules (No Company Name) ========== MOD - D:\Users\jassy\AppData\Local\Temp\CmdLineExt03.dll () MOD - D:\Programme\Mozilla Firefox\mozjs.dll () MOD - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\QtWebKit\qmlwebkitplugin4.dll () MOD - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll () MOD - D:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - D:\Programme\WinRAR\RarExt.dll () MOD - D:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () MOD - D:\Programme\Common Files\LightScribe\QtGui4.dll () MOD - D:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - D:\Programme\Common Files\LightScribe\QtCore4.dll () ========== Services (SafeList) ========== SRV - (AVP) -- D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) SRV - (MozillaMaintenance) -- D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- D:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Microsoft SharePoint Workspace Audit Service) -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (wlidsvc) -- D:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (nosGetPlusHelper) -- D:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (WMPNetworkSvc) -- D:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (FsUsbExService) -- D:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (osppsvc) -- D:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- D:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (StorSvc) -- D:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- D:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found DRV - (Lavasoft Kernexplorer) -- D:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found DRV - (esgiguard) -- D:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found DRV - (KLIF) -- D:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (kltdi) -- D:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab) DRV - (klmouflt) -- D:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (klkbdflt) -- D:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab) DRV - (kneps) -- D:\Windows\System32\drivers\kneps.sys (Kaspersky Lab) DRV - (KLIM6) -- D:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO) DRV - (kl1) -- D:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO) DRV - (dtsoftbus01) -- D:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (synasusb) -- D:\Windows\System32\drivers\synasusb.sys (Steinberg Media Technologies GmbH) DRV - (NBVol) -- D:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV - (NBVolUp) -- D:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV - (yukonw7) -- D:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (vmbus) -- D:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- D:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- D:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- D:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- D:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- D:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (FsUsbExDisk) -- D:\Windows\System32\FsUsbExDisk.Sys () DRV - (sscdmdm) -- D:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdbus) -- D:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation) DRV - (sscdmdfl) -- D:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (npf) -- D:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (ZTEusbnet) -- D:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation) DRV - (ZTEusbvoice) -- D:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- D:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbnmea) -- D:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- D:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (massfilter) -- D:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (nvlddmkm) -- D:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (MTsensor) -- D:\Windows\System32\drivers\ASACPI.sys () DRV - (EL90x) -- D:\Windows\System32\drivers\el90xnd5.SYS (3Com Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 88 85 8F 6B 09 CF CC 01 [binary data] IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..extensions.enabledAddons: {5556F97E-11A5-46b0-9082-32AD74AAA920}:0.4.2.2 FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: D:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: D:\Program Files\TabletPlugins\npWacomTabletPlugin.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: D:\Program Files\RelevantKnowledge FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012.11.15 18:08:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012.11.15 18:08:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012.11.15 18:07:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.10.27 17:03:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.11.05 16:42:28 | 000,000,000 | ---D | M] [2010.12.30 20:53:04 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jassy\AppData\Roaming\mozilla\Extensions [2012.10.23 15:40:37 | 000,000,000 | ---D | M] (No name found) -- D:\Users\jassy\AppData\Roaming\mozilla\Firefox\Profiles\mgkh1cgk.default\extensions [2005.12.31 23:03:29 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- D:\Users\jassy\AppData\Roaming\mozilla\Firefox\Profiles\mgkh1cgk.default\extensions\ich@maltegoetz.de [2012.09.30 16:13:17 | 000,005,366 | ---- | M] () (No name found) -- D:\Users\jassy\AppData\Roaming\mozilla\firefox\profiles\mgkh1cgk.default\extensions\5068628db30aa@5068628db30e3.com.xpi [2012.05.03 19:48:40 | 000,617,362 | ---- | M] () (No name found) -- D:\Users\jassy\AppData\Roaming\mozilla\firefox\profiles\mgkh1cgk.default\extensions\check4change-owner@mozdev.org.xpi [2012.05.03 19:50:04 | 000,017,424 | ---- | M] () (No name found) -- D:\Users\jassy\AppData\Roaming\mozilla\firefox\profiles\mgkh1cgk.default\extensions\{5556F97E-11A5-46b0-9082-32AD74AAA920}.xpi [2012.11.05 16:42:30 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions [2012.11.05 16:42:31 | 000,000,000 | ---D | M] (Java Console) -- D:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.11.05 16:42:31 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.10.27 17:03:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2012.09.08 22:53:57 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.08 22:53:57 | 000,002,465 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.09.08 22:53:57 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.09.08 22:53:57 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.08 22:53:57 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.08 22:53:57 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVP] D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001..\Run: [AutoStartNPSAgent] D:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: Download with x-iphone-magic-platinum - e:\Program Files\Xilisoft\iPhone Magic Platinum\upod_link.HTM File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{823824DA-57F2-4255-A40A-66CDC30F96AC}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - D:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{10744ca0-9f79-11e0-89e6-0018f39e5c26}\Shell - "" = AutoRun O33 - MountPoints2\{10744ca0-9f79-11e0-89e6-0018f39e5c26}\Shell\AutoRun\command - "" = I:\MI.exe O33 - MountPoints2\{3e7b3e32-fbb5-11e0-b47b-0018f39e5c26}\Shell - "" = AutoRun O33 - MountPoints2\{3e7b3e32-fbb5-11e0-b47b-0018f39e5c26}\Shell\AutoRun\command - "" = J:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{b6fca78f-81b1-11e1-b976-0018f39e5c26}\Shell - "" = AutoRun O33 - MountPoints2\{b6fca78f-81b1-11e1-b976-0018f39e5c26}\Shell\AutoRun\command - "" = H:\Spielen!.exe O33 - MountPoints2\{c0bd3c5b-f36d-11e1-b35f-0018f39e5c26}\Shell - "" = AutoRun O33 - MountPoints2\{c0bd3c5b-f36d-11e1-b35f-0018f39e5c26}\Shell\AutoRun\command - "" = I:\Spielen!.exe O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.28 15:50:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\jassy\Desktop\OTL.exe [2012.11.28 15:35:58 | 004,732,416 | ---- | C] (AVAST Software) -- D:\Users\jassy\Desktop\aswMBR.exe [2012.11.28 09:55:28 | 001,700,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gdiplus.dll [2012.11.28 06:22:58 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{A08F429C-8CAE-4402-AE93-F7B5F7BA472B} [2012.11.27 17:01:18 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{ABFB6E7E-6E2A-4AFB-852E-6EA4E875B44B} [2012.11.26 21:19:28 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{A4133C7F-0597-4566-9E71-87AC78C4C90E} [2012.11.26 21:15:42 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{B6E71553-61F5-4796-9F52-2E2D927E094D} [2012.11.26 06:54:16 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{21211D5B-2415-4F64-B1EC-2D1BC11E036A} [2012.11.25 21:53:11 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaveLab 6 [2012.11.25 12:13:10 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{1078A8D6-BE37-4AAC-89FE-F35A2F313059} [2012.11.25 00:12:48 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{7C85C0D9-8942-4BF7-B159-37140851C17C} [2012.11.24 13:30:07 | 000,000,000 | ---D | C] -- D:\Users\jassy\Documents\Cubase Projects [2012.11.24 13:29:21 | 000,000,000 | ---D | C] -- D:\Users\jassy\Documents\VST3 Presets [2012.11.24 13:24:25 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Roaming\Steinberg [2012.11.24 11:30:02 | 000,000,000 | ---D | C] -- D:\ProgramData\Syncrosoft [2012.11.24 11:30:01 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\eLicenser [2012.11.24 11:23:57 | 000,000,000 | ---D | C] -- D:\Program Files\Syncrosoft [2012.11.24 11:23:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLicenser [2012.11.24 11:23:57 | 000,000,000 | ---D | C] -- D:\ProgramData\eLicenser [2012.11.24 11:23:57 | 000,000,000 | ---D | C] -- D:\Program Files\eLicenser [2012.11.24 11:23:56 | 000,023,696 | ---- | C] (Steinberg Media Technologies GmbH) -- D:\Windows\System32\drivers\synasusb.sys [2012.11.24 11:23:54 | 001,277,952 | ---- | C] (Steinberg Media Technologies GmbH) -- D:\Windows\System32\SYNSOACC.dll [2012.11.24 10:27:00 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{47A9EE81-FB51-475F-B662-15AC8E3628C9} [2012.11.23 17:53:25 | 000,000,000 | ---D | C] -- D:\Users\jassy\Desktop\Vorschüler2012 [2012.11.23 17:52:04 | 000,000,000 | ---D | C] -- D:\Users\jassy\Desktop\Laternernfest [2012.11.23 07:41:25 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{1B4F30EE-7F1C-4500-90B2-EB92466AC4AE} [2012.11.22 16:20:55 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{BD0E115B-143D-43CA-A7BD-1E3A727375D4} [2012.11.21 22:36:55 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{EF4BDA4E-B482-4B15-B73F-BDF47BB12197} [2012.11.20 20:46:09 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{6244602F-92AF-4F38-BE54-2AE1680B03C4} [2012.11.20 06:57:42 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{73262E6C-4207-4A4B-B81F-F1DD18EB7915} [2012.11.19 06:58:10 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{23E65F53-B660-476E-9472-2EAF2741A087} [2012.11.18 12:53:49 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{664A8B86-8A6C-48BB-90C1-093D6D55C1BF} [2012.11.18 01:54:46 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{50DFEA26-7FDC-4933-9BB0-BF11C6E1BFA6} [2012.11.17 10:25:26 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{043EFC98-260F-4B44-A8AB-2B2189C38F63} [2012.11.16 16:07:14 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{CB6A2087-2714-47D4-88C8-1282A39ACF0A} [2012.11.15 21:08:07 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{8F68C922-C0C4-4CE0-BD0F-742B740B3B5D} [2012.11.15 20:38:50 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{A2509A78-69D6-4FF9-8B16-F01E3734E8CC} [2012.11.15 20:34:27 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{FBFB0D01-31C2-4312-91C1-0A01B898792E} [2012.11.15 18:17:09 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{23938030-20A9-4EBD-B235-948A04D051D4} [2012.11.15 18:08:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013 [2012.11.15 18:07:48 | 000,000,000 | ---D | C] -- D:\Windows\ELAMBKUP [2012.11.15 18:07:43 | 000,000,000 | ---D | C] -- D:\ProgramData\Kaspersky Lab [2012.11.15 18:07:43 | 000,000,000 | ---D | C] -- D:\Program Files\Kaspersky Lab [2012.11.15 18:07:27 | 000,589,144 | ---- | C] (Kaspersky Lab) -- D:\Windows\System32\drivers\klif.sys [2012.11.15 18:07:27 | 000,075,096 | ---- | C] (Kaspersky Lab) -- D:\Windows\System32\drivers\klflt.sys [2012.11.15 18:04:18 | 154,892,968 | ---- | C] (Kaspersky Lab) -- D:\Users\jassy\Desktop\kav13.0.1.4190de-de.exe [2012.11.15 17:55:08 | 000,000,000 | ---D | C] -- D:\ProgramData\ESET [2012.11.15 17:42:09 | 000,000,000 | ---D | C] -- D:\Program Files\ESET [2012.11.14 19:28:50 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{9E93C389-2E29-415B-AB05-BEA5BBA4726A} [2012.11.14 07:19:21 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{D6BD75D9-1FBD-4E21-9311-E694F8AC8FCA} [2012.11.13 15:17:39 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{3337975E-3F63-45F0-A2D5-CCFA73FDEE17} [2012.11.13 07:49:34 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{84DB77EA-0AF6-4866-936B-17A7DE9CBC78} [2012.11.12 19:47:14 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{5F0D3733-95EA-4548-843B-C33767912AF5} [2012.11.12 06:58:21 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{70B94035-2937-4760-9417-ED7E89B23230} [2012.11.11 11:40:55 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{618C4B9A-4457-4A97-84B1-133BA2447099} [2012.11.10 12:28:01 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{6C147379-2190-481C-937A-68B5DFA0A6BB} [2012.11.09 18:58:05 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{18154E4E-437D-4EC3-9E6A-45EB0A067865} [2012.11.09 06:57:30 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{49317958-5BE9-458A-927F-4A0655EC647C} [2012.11.08 16:24:23 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{59464356-F718-4294-8A33-B69E27D04E38} [2012.11.08 16:09:34 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{DEC28E44-3B4E-41E4-BAB8-D13FC057F389} [2012.11.07 19:54:26 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{500D955E-EF67-45EC-A0E5-3ECA72A1545D} [2012.11.06 19:54:51 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{42C66EF4-FA60-4A7A-9B41-ECC4C2ADCD30} [2012.11.06 07:13:11 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{D515D0FD-5E7E-47C3-8DCC-96BB5F4792EA} [2012.11.05 16:42:28 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\npdeployJava1.dll [2012.11.05 16:42:28 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe [2012.11.05 16:42:28 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe [2012.11.05 16:42:28 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe [2012.11.05 15:52:46 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{12421273-E30B-4294-9F05-5844E3F0FB1A} [2012.11.04 23:01:17 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{5486901E-30B1-4376-B820-70D83C6AF4C9} [2012.11.04 11:00:55 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{DA81A3C1-7FDF-4715-A444-03B2E496679D} [2012.11.03 23:00:21 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{29B668F7-2629-41B4-9B8F-5201628E6D51} [2012.11.03 10:59:59 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{A04F793E-933A-4D32-BFA5-30BAC577A572} [2012.11.03 00:49:13 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{B2FC2967-C682-4A52-94D1-940F65DA3820} [2012.11.02 06:55:29 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{5629B566-135D-434A-A2B9-C8E60BF3DA55} [2012.11.01 16:17:22 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{C167BDB0-ACA1-4702-81CD-DAE2E426B1D6} [2012.11.01 07:25:25 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{8266D02B-D536-486E-81E1-B44F3A86B720} [2012.10.31 19:15:41 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{A88BC713-E23D-44A6-85D0-8D4360D0C3E9} [2012.10.31 07:15:27 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{29C4D0F9-F124-4F3B-9C99-525D2DAEE92C} [2012.10.30 18:49:07 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{474BDA8D-B7E9-4F9D-97FE-76C0E8BE1790} [2012.10.30 06:48:45 | 000,000,000 | ---D | C] -- D:\Users\jassy\AppData\Local\{2CCBEE97-C0AF-4809-8AB6-6DAFAA4154D2} ========== Files - Modified Within 30 Days ========== [2012.11.28 15:50:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\jassy\Desktop\OTL.exe [2012.11.28 15:48:07 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat [2012.11.28 15:48:04 | 1609,474,048 | -HS- | M] () -- D:\hiberfil.sys [2012.11.28 15:45:25 | 000,480,125 | ---- | M] () -- D:\Users\jassy\Desktop\adwcleaner.exe [2012.11.28 15:36:33 | 004,732,416 | ---- | M] (AVAST Software) -- D:\Users\jassy\Desktop\aswMBR.exe [2012.11.28 15:07:05 | 000,014,960 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.28 15:07:05 | 000,014,960 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.28 09:55:28 | 001,700,352 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\gdiplus.dll [2012.11.26 07:05:17 | 000,653,986 | ---- | M] () -- D:\Windows\System32\perfh007.dat [2012.11.26 07:05:17 | 000,615,868 | ---- | M] () -- D:\Windows\System32\perfh009.dat [2012.11.26 07:05:17 | 000,129,858 | ---- | M] () -- D:\Windows\System32\perfc007.dat [2012.11.26 07:05:17 | 000,106,248 | ---- | M] () -- D:\Windows\System32\perfc009.dat [2012.11.25 21:53:11 | 000,000,731 | ---- | M] () -- D:\Users\Public\Desktop\WaveLab 6.lnk [2012.11.24 13:24:24 | 000,002,892 | ---- | M] () -- D:\Windows\System32\audcon.sys [2012.11.24 11:23:58 | 000,000,045 | ---- | M] () -- D:\Windows\System32\SYNSOPOS.exe.cfg [2012.11.23 17:57:50 | 000,388,768 | ---- | M] () -- D:\Users\jassy\Desktop\StarFM.jpg [2012.11.23 17:56:09 | 001,544,355 | ---- | M] () -- D:\Users\jassy\Desktop\DSCF5067.JPG [2012.11.16 07:14:23 | 000,589,144 | ---- | M] (Kaspersky Lab) -- D:\Windows\System32\drivers\klif.sys [2012.11.16 07:14:23 | 000,043,608 | ---- | M] (Kaspersky Lab) -- D:\Windows\System32\drivers\kltdi.sys [2012.11.16 07:14:23 | 000,025,944 | ---- | M] (Kaspersky Lab) -- D:\Windows\System32\drivers\klmouflt.sys [2012.11.16 07:14:23 | 000,025,944 | ---- | M] (Kaspersky Lab) -- D:\Windows\System32\drivers\klkbdflt.sys [2012.11.15 18:08:30 | 000,001,081 | ---- | M] () -- D:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk [2012.11.15 18:06:30 | 154,892,968 | ---- | M] (Kaspersky Lab) -- D:\Users\jassy\Desktop\kav13.0.1.4190de-de.exe [2012.11.05 16:42:22 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaws.exe [2012.11.05 16:42:22 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\System32\javaw.exe [2012.11.05 16:42:22 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\System32\java.exe [2012.11.05 16:42:21 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\System32\npdeployJava1.dll [2012.11.05 16:42:21 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- D:\Windows\System32\deployJava1.dll ========== Files Created - No Company Name ========== [2012.11.28 15:45:23 | 000,480,125 | ---- | C] () -- D:\Users\jassy\Desktop\adwcleaner.exe [2012.11.25 21:53:11 | 000,000,731 | ---- | C] () -- D:\Users\Public\Desktop\WaveLab 6.lnk [2012.11.24 13:24:24 | 000,002,892 | ---- | C] () -- D:\Windows\System32\audcon.sys [2012.11.24 11:23:53 | 000,086,016 | ---- | C] () -- D:\Windows\System32\SYNSOPOS.exe [2012.11.24 11:23:53 | 000,000,045 | ---- | C] () -- D:\Windows\System32\SYNSOPOS.exe.cfg [2012.11.23 17:57:50 | 000,388,768 | ---- | C] () -- D:\Users\jassy\Desktop\StarFM.jpg [2012.11.23 17:56:09 | 001,544,355 | ---- | C] () -- D:\Users\jassy\Desktop\DSCF5067.JPG [2012.11.15 18:08:46 | 000,001,081 | ---- | C] () -- D:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk [2012.05.21 19:51:45 | 000,000,041 | -HS- | C] () -- D:\ProgramData\.zreglib [2012.05.19 15:13:49 | 000,017,408 | ---- | C] () -- D:\Users\jassy\AppData\Local\WebpageIcons.db [2012.05.18 17:27:11 | 000,000,166 | ---- | C] () -- D:\Users\jassy\defogger_reenable [2012.05.18 15:22:00 | 000,032,768 | ---- | C] () -- D:\Windows\System32\drivers\sp_rsdrv2.sys [2012.03.11 16:02:49 | 000,444,283 | ---- | C] () -- D:\Program Files\Common Files\WinPcapNmap.exe [2012.01.03 08:28:06 | 002,570,286 | ---- | C] () -- D:\Windows\System32\abgx360.exe [2011.12.29 19:55:09 | 000,000,600 | ---- | C] () -- D:\Users\jassy\AppData\Roaming\winscp.rnd [2011.12.29 19:43:07 | 000,180,224 | ---- | C] () -- D:\Windows\System32\QTCF.dll [2011.11.23 14:14:53 | 000,116,172 | -H-- | C] () -- D:\Windows\System32\mlfcache.dat [2011.11.15 19:33:23 | 000,000,112 | ---- | C] () -- D:\Windows\ActiveSkin.INI [2011.06.07 06:31:12 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe [2011.05.21 17:24:39 | 000,005,120 | ---- | C] () -- D:\Users\jassy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.08 19:05:52 | 000,110,592 | ---- | C] () -- D:\Windows\System32\FsUsbExDevice.Dll [2011.01.08 19:05:52 | 000,036,608 | ---- | C] () -- D:\Windows\System32\FsUsbExDisk.Sys ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- D:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.10.27 18:21:22 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\abgx360 [2012.05.13 13:55:11 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Ashampoo [2010.12.31 12:14:25 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\AVG10 [2012.04.08 20:38:22 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\DAEMON Tools Pro [2011.11.06 12:23:50 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\elsterformular [2012.11.28 15:25:00 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\foobar2000 [2011.10.28 17:24:20 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\GetRightToGo [2012.05.08 21:13:54 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\ICQ [2012.05.06 15:58:15 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\ICQ Search [2012.05.21 23:36:24 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\ImgBurn [2012.03.19 16:41:42 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\iPhoneRingToneMaker [2011.03.07 19:03:05 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\IrfanView [2012.03.18 21:27:34 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\ML [2011.12.29 17:33:08 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\redsn0w [2012.03.19 16:41:30 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Ringtone Expressions [2011.06.26 00:59:47 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Samsung [2011.10.29 11:22:30 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\SharePod [2011.10.29 11:53:35 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Software4u [2012.11.24 13:29:18 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Steinberg [2012.05.18 05:37:06 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\TeamViewer [2012.02.12 15:29:52 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Toontrack [2012.05.06 11:24:59 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Trillian [2012.09.16 15:04:00 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\TuneUp Software [2012.11.28 10:44:51 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\uTorrent [2012.09.29 13:41:39 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\VDownloader [2011.10.21 08:23:39 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Vodafone [2011.12.25 14:39:23 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Waves Audio [2010.12.30 21:24:31 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Windows Live Writer [2011.11.23 15:16:40 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\WindSolutions [2011.11.12 16:50:31 | 000,000,000 | ---D | M] -- D:\Users\jassy\AppData\Roaming\Xilisoft ========== Purity Check ========== ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [D:\Windows\$NtUninstallKB10476$] -> Error: Cannot create file handle -> Unknown point type ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> D:\ProgramData\TEMP:D57FAB99 @Alternate Data Stream - 24 bytes -> D:\Windows:DD11F150341F7A44 < End of report > OTL LOG (Extras) OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.11.2012 15:51:29 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\jassy\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,09% Memory free 4,00 Gb Paging File | 3,06 Gb Available in Paging File | 76,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 99,17 Gb Total Space | 98,96 Gb Free Space | 99,78% Space Free | Partition Type: NTFS Drive D: | 29,29 Gb Total Space | 2,65 Gb Free Space | 9,06% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 38,51 Gb Free Space | 19,72% Space Free | Partition Type: NTFS Drive F: | 48,83 Gb Total Space | 29,49 Gb Free Space | 60,39% Space Free | Partition Type: NTFS Computer Name: JASSY-PC | User Name: jassy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallDisableNotify" = 0 "FirewallOverride" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07717C9F-D55A-422F-81C0-D161540087E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0CE905EA-B5D5-4DAA-91DE-C7B5960CCC71}" = lport=2869 | protocol=6 | dir=in | app=system | "{12311EE6-8A81-466E-AEE6-5DC13A789AE3}" = lport=138 | protocol=17 | dir=in | app=system | "{2A73828E-0E49-4891-8DC3-E25AE0CA90D6}" = lport=10243 | protocol=6 | dir=in | app=system | "{39D54039-91F9-4FB1-A971-76F936AFFFFB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{410A93B2-DFDD-4F63-B708-1B8BC253F5CC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{45C0BED5-6C8D-4F64-BED4-4A2628E5E1B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{50EBA498-3329-4151-9EC5-3821429C262F}" = lport=445 | protocol=6 | dir=in | app=system | "{65FCDFC4-81A1-4457-B4FB-B79C17B1DB5C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6AF09732-460A-453A-8692-F4DF3B838F58}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{74232ADC-9974-40EC-B1BB-4F9ED8145F01}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{77A4B1AC-6045-4629-86F8-1584FF8A888E}" = lport=137 | protocol=17 | dir=in | app=system | "{78EE665E-0FB0-4197-B721-D0169AFE0417}" = rport=445 | protocol=6 | dir=out | app=system | "{7B5AE88B-9996-4ACD-AE15-945C68E8817D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8CA78E57-5C47-45A2-AF29-505743034D7D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{9B0F51E8-022C-401B-BC93-1316C0D1E068}" = rport=137 | protocol=17 | dir=out | app=system | "{AB7CE37C-36F5-44FE-82BF-E2A3DE69C598}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AEA0C4F7-50B9-42AC-B4E1-0B547F203313}" = rport=10243 | protocol=6 | dir=out | app=system | "{CBA9D226-C620-4BF6-8FEA-FD8D3020FF46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CF042379-8B7A-4BAA-930F-FFF3C3245A9C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D0588EC2-637C-4EF4-A2C2-746B1BD91505}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D41CC054-A1E3-4D2B-9404-B1AD971E2088}" = rport=139 | protocol=6 | dir=out | app=system | "{D4318D9F-1E27-40F7-B33B-B3D96E67543B}" = lport=139 | protocol=6 | dir=in | app=system | "{E5A240DC-FF70-45FE-B519-1C3CB1A29574}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F4B15C42-0E3B-41CB-AF1F-2717FA433808}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0137A356-25C9-44A1-8345-95F2C25C345B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{023EC407-743B-4EC8-B0F6-86D82AE61DCB}" = protocol=6 | dir=in | app=d:\program files\avg\avg10\avgemcx.exe | "{07945EC0-72EC-4EBD-8CDA-F0A53635662A}" = dir=in | app=d:\program files\windows live\contacts\wlcomm.exe | "{098C4057-FB67-454D-B901-5BF07C75A43B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{0A5ECC65-3379-4D4B-8A3D-59E7B5530655}" = protocol=6 | dir=in | app=d:\program files\bonjour\mdnsresponder.exe | "{1C4F6158-CE80-4644-97BC-1833F34A2131}" = protocol=17 | dir=in | app=e:\program files\icq7.7\icq.exe | "{1F26AB33-1CAB-4C1E-AC11-ADD3EE9B7091}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1F4F08AC-0DAE-4D9E-BBA4-35E9C3399C09}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1FB0FCC8-335C-4BA5-97D6-127E2421D97A}" = protocol=17 | dir=in | app=d:\program files\software4u\iphone explorer\software4u.iphoneexplorer.exe | "{20D257C5-CC9F-48B0-94CF-4BE3373B991E}" = protocol=17 | dir=in | app=d:\program files\utorrent\utorrent.exe | "{2F556AD7-8E9C-4BFB-A4E8-69552B6FEBA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{37CFE9D7-5A27-4FC2-9F64-E6191A3413E2}" = protocol=6 | dir=in | app=d:\program files\samsung\samsung new pc studio\npsasvr.exe | "{3F252745-E188-49D0-BDF6-4773DA245098}" = protocol=17 | dir=in | app=d:\program files\avg\avg10\avgmfapx.exe | "{5653324E-B406-439D-AED4-D36E0985B551}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{59BAFB27-118B-4807-B5DD-F55D7E1EE662}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F4D7A42-49C8-4EB8-853B-605EAB069331}" = protocol=6 | dir=in | app=d:\program files\avg\avg10\avgdiagex.exe | "{61AB4B86-1474-46DD-B9CC-631001729C0D}" = protocol=6 | dir=in | app=d:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{67CC4664-ECEB-4786-BF4B-3C1CAF8D3B8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6902D4E0-B3F7-48C4-9C9C-0775909BC524}" = protocol=6 | dir=out | app=system | "{746749F3-9637-4B35-8F2C-BA4170E06F20}" = protocol=17 | dir=in | app=d:\program files\avg\avg10\avgnsx.exe | "{75F88B5F-30A4-41B4-BE27-A5B608154EE6}" = dir=in | app=d:\program files\windows live\messenger\msnmsgr.exe | "{7AC74404-4315-4CF5-B67F-5DD0CE655D77}" = dir=in | app=d:\program files\itunes\itunes.exe | "{8AD25EB4-006B-4117-ADFD-2C02C957291B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{92070982-0F02-4383-AF09-F3DE6AE28ED7}" = protocol=6 | dir=in | app=d:\program files\software4u\iphone explorer\software4u.iphoneexplorer.exe | "{93F1B8BE-769C-478B-972D-B963BF070D33}" = protocol=17 | dir=in | app=d:\program files\bonjour\mdnsresponder.exe | "{9754FA70-2AA0-4D84-8933-9F0DAAC3471F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A9812A0A-4196-4484-A5E6-7DBC943FD5C9}" = protocol=6 | dir=in | app=d:\program files\avg\avg10\avgnsx.exe | "{AD4BED08-8F4C-405C-94CD-0518CF7D9DDE}" = protocol=17 | dir=in | app=d:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{B515A076-CD74-451E-893E-EB4A395B5D49}" = protocol=17 | dir=in | app=d:\program files\microsoft office\office14\groove.exe | "{C024CD66-1380-4081-A7FD-50F6895A067F}" = protocol=6 | dir=in | app=d:\program files\microsoft office\office14\groove.exe | "{C3631E62-6C53-4B4C-9692-612D14A0A4A3}" = protocol=17 | dir=in | app=d:\program files\samsung\samsung new pc studio\npsasvr.exe | "{C874BA7E-3EFB-4BD4-B064-6C41C3425868}" = protocol=17 | dir=in | app=d:\program files\avg\avg10\avgdiagex.exe | "{CB12B7EA-833D-4E52-9080-F8811F8B8758}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CEBC46DB-EBE6-434F-9488-B6DCF11931A2}" = protocol=6 | dir=in | app=d:\program files\utorrent\utorrent.exe | "{D4804B16-417E-4A4D-814C-948E8149668F}" = protocol=6 | dir=in | app=e:\program files\icq7.7\icq.exe | "{D4F33C37-5543-4818-9E63-3D551AAB153F}" = protocol=6 | dir=in | app=d:\program files\avg\avg10\avgmfapx.exe | "{D6789CFA-6B6C-4A32-A42E-089E103FD48D}" = protocol=17 | dir=in | app=e:\program files\icq7.7\icq.exe | "{D9398908-836A-42C7-A702-70D853347473}" = dir=in | app=d:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{DD80E2BC-6F1F-49AF-B96E-F085CDFED4AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DEC84AF7-F6A8-41C9-99FC-A418368679A4}" = protocol=6 | dir=in | app=e:\program files\icq7.7\icq.exe | "{DF99BC9A-F2FF-4E3D-8B33-ACA373A5DF40}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F729E2F7-5902-4301-8506-8E6BC64ACA36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FCF22E38-A6C3-47DD-8D2B-347755AF14F7}" = protocol=17 | dir=in | app=d:\program files\avg\avg10\avgemcx.exe | "{FD699C03-A19F-4E7A-943A-B9CE49986F85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{56D5A411-CCFC-4FE2-9DA3-045BD3AC5202}E:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=e:\program files\mirc\mirc.exe | "TCP Query User{82FD93C4-7BD1-4161-9C27-D2777F8FD674}D:\program files\relevantknowledge\rlvknlg.exe" = protocol=6 | dir=in | app=d:\program files\relevantknowledge\rlvknlg.exe | "UDP Query User{48760FF8-8E02-4C0F-A2CD-7CF9B48AC0D4}D:\program files\relevantknowledge\rlvknlg.exe" = protocol=17 | dir=in | app=d:\program files\relevantknowledge\rlvknlg.exe | "UDP Query User{947B8E62-F8E7-4A3A-ACE0-542DD8AFF848}E:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=e:\program files\mirc\mirc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37 "{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013 "{63934E99-A4F7-478C-8BB0-259BB9D78FFF}" = Microsoft Report Viewer Redistributable 2005 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.990 "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.20 "abgx360" = abgx360 v1.0.6 "AC3Filter_is1" = AC3Filter 1.62b "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Ashampoo Burning Studio 2012 CBE_is1" = Ashampoo Burning Studio 2012 CBE v.11.0.4 "AudibleDownloadManager" = Audible Download Manager "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module "CanonMyPrinter" = Canon My Printer "DAEMON Tools Pro" = DAEMON Tools Pro "eLicenser Control" = eLicenser Control "foobar2000" = foobar2000 v1.1.1 "ImgBurn" = ImgBurn "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013 "IrfanView" = IrfanView (remove only) "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005 "Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.11 "WaveLabPro" = WaveLab 6 "WinLiveSuite" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.1 "WinRAR archiver" = WinRAR 4.01 (32-Bit) "YDKJG" = YOU DON'T KNOW JACK® "YDKJG3" = YOU DON'T KNOW JACK® 3 - Abwärts! "YOU DON'T KNOW JACK® 2" = YOU DON'T KNOW JACK® 2 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2658800859-1032754694-4259662628-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich. ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 01.01.2006 03:24:46 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:24:46 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:24:46 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:24:46 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:24:47 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:24:47 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 01.01.2006 03:29:11 | Computer Name = jassy-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 16.06.2012 08:57:11 | Computer Name = jassy-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.2.45, Zeitstempel: 0x4f02e382 Name des fehlerhaften Moduls: RdLang_weblink.DEU, Version: 10.1.2.45, Zeitstempel: 0x4f02fa66 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005617 ID des fehlerhaften Prozesses: 0x500 Startzeit der fehlerhaften Anwendung: 0x01cd4bbedc294444 Pfad der fehlerhaften Anwendung: D:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe Pfad des fehlerhaften Moduls: D:\Users\jassy\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.DEU Berichtskennung: c9388072-b7b2-11e1-a769-0018f39e5c26 Error - 16.06.2012 12:28:19 | Computer Name = jassy-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.2.45, Zeitstempel: 0x4f02e382 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x01d65617 ID des fehlerhaften Prozesses: 0xf48 Startzeit der fehlerhaften Anwendung: 0x01cd4bdcebd78f5d Pfad der fehlerhaften Anwendung: D:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 48299153-b7d0-11e1-a769-0018f39e5c26 Error - 19.06.2012 16:02:47 | Computer Name = jassy-PC | Source = VSS | ID = 13 Description = Error - 19.06.2012 16:02:47 | Computer Name = jassy-PC | Source = VSS | ID = 8193 Description = [ Media Center Events ] Error - 21.10.2011 05:09:15 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 11:09:15 - Fehler beim Herstellen der Internetverbindung. 11:09:15 - Serververbindung konnte nicht hergestellt werden.. Error - 21.10.2011 08:15:00 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 14:14:59 - Fehler beim Herstellen der Internetverbindung. 14:15:00 - Serververbindung konnte nicht hergestellt werden.. Error - 21.10.2011 09:39:56 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 15:39:56 - Fehler beim Herstellen der Internetverbindung. 15:39:56 - Serververbindung konnte nicht hergestellt werden.. Error - 21.10.2011 11:33:24 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 17:33:24 - Fehler beim Herstellen der Internetverbindung. 17:33:24 - Serververbindung konnte nicht hergestellt werden.. Error - 21.10.2011 12:33:36 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 18:33:36 - Fehler beim Herstellen der Internetverbindung. 18:33:36 - Serververbindung konnte nicht hergestellt werden.. Error - 22.10.2011 11:15:37 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 17:15:37 - Fehler beim Herstellen der Internetverbindung. 17:15:37 - Serververbindung konnte nicht hergestellt werden.. Error - 23.10.2011 14:35:22 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 20:35:22 - Fehler beim Herstellen der Internetverbindung. 20:35:22 - Serververbindung konnte nicht hergestellt werden.. Error - 24.10.2011 01:11:44 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 07:11:44 - Fehler beim Herstellen der Internetverbindung. 07:11:44 - Serververbindung konnte nicht hergestellt werden.. Error - 25.10.2011 10:54:44 | Computer Name = jassy-PC | Source = MCUpdate | ID = 0 Description = 16:54:44 - Fehler beim Herstellen der Internetverbindung. 16:54:44 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 28.11.2012 10:00:22 | Computer Name = jassy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 28.11.2012 10:00:22 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143. Error - 28.11.2012 10:48:11 | Computer Name = jassy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 28.11.2012 10:48:11 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060 Error - 28.11.2012 10:48:12 | Computer Name = jassy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 28.11.2012 10:48:14 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7003 Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert. Error - 28.11.2012 10:48:14 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7003 Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert. Error - 28.11.2012 10:48:16 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Lbd luafv Error - 28.11.2012 10:48:18 | Computer Name = jassy-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012 Description = Fehler beim Lesen der Datei für lokale Hosts. Error - 28.11.2012 10:48:30 | Computer Name = jassy-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143. < End of report > aswMBR LOGFILE: Zitat:
|
Themen zu Malware Problem "Savenow", "Superfish" etc. |
7-zip, adobe reader xi, antwort, aswmbr, ausmachen, avp.exe, canon, classpnp.sys, cosinus, cubase, ebay, enigma, erstell, extrem, folge, folgendes, install.exe, kaspersky, leiste, malware, malware problem, nerve, neuste, plug-in, poppen, popups, poste, problem, rechner, seite, seiten, spielen, superfish, taskhost.exe, version, werbebanner |