Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: ihavenet.com Virus - leider auch bei mir!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 03.04.2013, 21:39   #1
stheit00
 
ihavenet.com Virus - leider auch bei mir! - Standard

ihavenet.com Virus - leider auch bei mir!



Hei Zusammen,

auf dem Rechner meiner Frau, die damit beruflich viel im Internet unterwegs ist, hat sich ebenfalls
der ihavenet.com - Virus breit gemacht (automatische Umleitung der URL im Browser)!
Dazu habe ich mir hier im Forum schon einige Threads durchgelesen. Ich habe allerdings nur die Dinge
gemacht, die ich problemlos ohne Hilfe durchführen konnte. Leider ist bisher alles ohne Erfolg geblieben.
Über Hilfe wäre ich wirklich sehr dankbar!

Nun zu den Details (in den verschiedenen Threads wurden verschiedene Tools in unterschiedlicher
Reihenfolge vorgeschlagen und eingesetzt, hier nun die Meinige(n)) :

1. Schritt - OTL.exe mit den bekannten Einstellungen,
hier die Logdateien:

OTL.txt
Code:
ATTFilter
OTL logfile created on: 02.04.2013 20:15:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 69,50% Memory free
4,83 Gb Paging File | 3,89 Gb Available in Paging File | 80,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,04 Gb Total Space | 78,90 Gb Free Space | 54,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 296,60 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 111,44 Gb Free Space | 77,37% Space Free | Partition Type: NTFS
 
Computer Name: BC-NOTEBOOK1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()
PRC - C:\Programme\Siemens\HiPath 1220\CommServer2.0\GatewayGUI.exe (Siemens)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_511ad9ea\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_2b4c3030\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_d2ccf7f3\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_21ff7873\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_f241508a\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Programme\NVIDIA Corporation\nView\nvShell.dll ()
MOD - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\Programme\Acer\Acer Bio Protection\PwdFilter.dll ()
MOD - C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll ()
MOD - C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programme\HP\ToolBoxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll ()
MOD - C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (IGBASVC) -- C:\Programme\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (PSI_SVC_2) -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (CommServer) -- C:\Programme\Siemens\HiPath 1220\CommServer2.0\CommSvr.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (usbcdc) -- system32\DRIVERS\usbcdc.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (isdnusb) -- system32\DRIVERS\isdnusb.sys File not found
DRV - (Changer) --  File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (AlfaFF) -- C:\WINDOWS\system32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (JMCR) -- C:\WINDOWS\system32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (ATSWPDRV) -- C:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo)
DRV - (Int15) -- C:\WINDOWS\system32\drivers\int15.sys ()
DRV - (vi2000) -- C:\WINDOWS\system32\drivers\usbeval.sys (SIEMENS AG)
DRV - (usbcomm) -- C:\WINDOWS\system32\drivers\usbcomm.sys (SIEMENS AG)
DRV - (vcdc) -- C:\WINDOWS\system32\drivers\vcdc.sys (SIEMENS AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=xpp&d=0109&m=travelmate_7730g
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\SearchScopes\{986F32F5-EC00-467B-9F08-E53936C84B11}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE310
IE - HKU\S-1-5-21-64859507-2245545985-2604432375-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.03.18 23:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.04.02 19:48:52 | 000,000,000 | ---D | M]
 
[2009.01.14 22:27:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions
[2013.03.13 21:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\extensions
[2011.05.22 13:34:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\w4l98av2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.03.18 21:05:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.08.28 17:58:01 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.11.21 21:52:56 | 000,000,818 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 192.168.10.13	NPI0D1F2A
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-64859507-2245545985-2604432375-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Boot] C:\Program Files\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [CallBridgeReg.exe]  File not found
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Program Files\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Programme\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CommServer.lnk = C:\Programme\Siemens\HiPath 1220\CommServer2.0\GatewayGUI.exe (Siemens)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: HVZLOPZS = rundll32 "C:\Dokumente und Einstellungen\C.Spinger\Anwendungsdaten\licdlle.dll",DPPMNJC
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-64859507-2245545985-2604432375-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Programme\Acer\Acer Bio Protection\PwdBank.exe ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231797340642 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245603456343 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DEB71D6-915B-427B-BB48-90607ED74627}: NameServer = 195.50.140.178,195.50.140.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFB25294-18E6-4871-98BE-38C5BA9CB206}: NameServer = 195.50.140.178,195.50.140.114
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (C:\Programme\Acer\Acer Bio Protection\CompPtc.dll) - C:\Programme\Acer\Acer Bio Protection\CompPtc.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Programme\Acer\Acer Bio Protection\WinNotify.dll) - C:\Programme\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.20 08:49:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 90 Days ==========
 
[2013.04.02 20:10:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
[2013.04.02 19:48:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2013.04.02 19:43:01 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.04.02 19:39:55 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.04.02 19:39:55 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.04.02 19:39:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.02 19:39:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.02 19:39:50 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.02 19:39:35 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2013.03.20 22:51:32 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.03.18 21:02:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Avira
[2013.03.18 20:57:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2013.03.18 20:57:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Google
[2013.03.18 20:57:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.03.18 20:56:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.03.18 20:56:49 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.03.18 20:56:49 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.03.18 20:56:49 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.03.18 20:56:43 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2013.04.02 20:08:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.02 19:48:52 | 000,001,723 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.04.02 19:39:40 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.04.02 19:39:40 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.04.02 19:39:40 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.04.02 19:39:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.02 19:39:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.02 19:39:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.04.02 19:39:40 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.02 19:36:11 | 000,512,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.02 19:36:11 | 000,493,490 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.02 19:36:11 | 000,104,964 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.02 19:36:11 | 000,091,270 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.02 19:32:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.02 19:16:30 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2013.04.02 19:16:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.02 19:16:25 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.02 12:00:15 | 000,000,860 | ---- | M] () -- C:\WINDOWS\tasks\Spinger_Arbeitsbereich.job
[2013.04.02 06:50:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.02 06:50:31 | 3215,839,232 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.26 20:43:50 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2013.03.21 14:54:56 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.03.21 14:54:56 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.03.21 14:54:56 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.03.18 21:05:11 | 000,000,705 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.03.18 20:57:03 | 000,001,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.03.18 19:28:05 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.03.14 09:07:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.03.13 13:08:48 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.13 13:08:48 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.01 04:28:11 | 006,011,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.02.15 15:52:16 | 000,397,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013.02.12 02:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.02.05 21:56:42 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013.02.05 21:56:41 | 001,212,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013.02.05 21:56:41 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013.02.05 21:56:41 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013.02.05 21:56:41 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013.02.05 21:56:41 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013.02.05 21:56:41 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013.02.05 21:56:41 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013.02.05 21:56:40 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013.02.05 21:56:40 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.02.05 21:56:40 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.02.05 21:56:40 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013.02.05 21:56:40 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.02.05 21:56:40 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013.02.05 21:56:40 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013.02.05 21:56:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013.02.05 21:56:40 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013.02.05 21:56:39 | 002,004,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.02.05 21:56:39 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013.02.05 21:56:39 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013.02.05 21:56:38 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.02.05 21:56:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013.02.05 21:56:38 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013.02.05 21:56:37 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.02.05 21:56:37 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013.02.05 21:56:37 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013.02.05 07:54:07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013.02.05 07:54:07 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013.02.05 07:53:57 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013.01.26 05:55:37 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013.01.10 21:33:23 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013.01.07 09:24:26 | 002,195,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.01.07 09:24:26 | 002,072,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.01.07 09:24:24 | 002,151,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013.01.07 09:24:24 | 002,151,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.01.07 09:24:23 | 002,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.01.07 09:24:23 | 002,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2013.01.04 12:09:09 | 001,867,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2013.01.04 12:09:09 | 001,867,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.02 19:48:52 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.04.02 19:48:52 | 000,001,723 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.03.18 20:57:03 | 000,001,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.05.14 17:57:03 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.05.14 17:56:57 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.05.14 17:56:57 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.05.14 17:50:37 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2012.02.15 10:58:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009.02.05 14:49:10 | 000,000,900 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys
[2008.09.20 09:00:44 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2008.09.20 08:59:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.15 05:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.15 05:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 02.04.2013 20:15:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Desktop\System Scan
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 69,50% Memory free
4,83 Gb Paging File | 3,89 Gb Available in Paging File | 80,45% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,04 Gb Total Space | 78,90 Gb Free Space | 54,78% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 296,60 Gb Free Space | 99,50% Space Free | Partition Type: NTFS
Drive E: | 144,04 Gb Total Space | 111,44 Gb Free Space | 77,37% Space Free | Partition Type: NTFS
 
Computer Name: BC-NOTEBOOK1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-64859507-2245545985-2604432375-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:*:Enabled:BackupSvc.exe -- (NewTech InfoSystems, Inc.)
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:*:Enabled:SchedulerSvc.exe -- ()
"C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe" = C:\Programme\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:*:Enabled:AgentSvc.exe -- (NewTech Infosystems, Inc.)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\HP\HP LaserJet 3050_3052_3055_3390\Fax Config Utility.exe" = C:\Programme\HP\HP LaserJet 3050_3052_3055_3390\Fax Config Utility.exe:*:Enabled:Fax Config Utility -- ()
"C:\Programme\ACT\Act for Windows\ActSage.exe" = C:\Programme\ACT\Act for Windows\ActSage.exe:*:Enabled:ACT! 9.x/2007
"C:\Programme\Microsoft Office\Office12\EXCEL.EXE" = C:\Programme\Microsoft Office\Office12\EXCEL.EXE:*:Enabled:Microsoft Office Excel -- (Microsoft Corporation)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"F:\setup\hppniprint01.exe" = F:\setup\hppniprint01.exe:*:Enabled:hppniprint01.exe
"F:\setup\hpntwkexe.exe" = F:\setup\hpntwkexe.exe:*:Enabled:hpntwkexe.exe
"E:\Guild Wars 2 Beta\Gw2.exe" = E:\Guild Wars 2 Beta\Gw2.exe:*:Enabled:Guild Wars 2 Game Client
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12FE86D4-77FA-4FC7-8C23-A988E72FC5A5}" = hpp3390usg
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1DD670BE-C678-4D83-89D0-E7CF65D8DB98}" = hppManuals3390
"{1FFDDCA5-A2FA-414C-8C8E-5432575C2BE3}" = HFDB32GU
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24739100-AD64-40C0-936C-03590B95C225}" = hppSendFax
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ACT7)
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{4435A8D0-D8E4-458D-A72D-5162376452D9}" = Hoppenstedt Auskunfts-CD Großunternehmen
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57DA304D-27B0-40D1-A796-92CEFF20FA32}" = hppIOFiles
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B32A23C-2BB0-4767-8150-F977E43E7E2A}" = hppscan3390
"{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7642C5E3-0E6D-48E5-AE0B-A4878362711E}" = hppToolBoxFX
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8038AEF9-EF53-4B55-97CA-CF3D8574C135}" = hpzTLBXFX
"{83E016DD-1566-457E-B65C-B531186CED56}" = hppfaxdrv3390
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92F0B809-0D52-48CF-9694-23E500DF6AA6}" = hppLJ3390
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9651D2CF-B973-4F96-9D49-7D499000EC21}" = hppScanTo
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99280A96-892D-41C0-A75D-D35A943C2FA4}" = HiPath 1220 - 2.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A64A5576-D862-44F8-89DC-2B17FCC9B86E}" = Broadcom Gigabit Integrated Controller
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CA56FE36-091E-4914-A70A-93E3C09D3093}" = hppTooCool
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.62.623
"{D2169E0C-1C6A-4B83-BD30-9E8DADE1C391}" = hppFaxUtility
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F4DAC1-60DC-4D01-8BD9-DB8DA05A8A0F}" = 32 Bit HP BiDi Channel Components Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"7-Zip" = 7-Zip 4.65
"Acer Acer Bio Protection 6.0.00.18" = Acer Bio Protection

ATA 6.0.00.18
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Avira AntiVir Desktop" = Avira Antivirus Premium
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"FreePDF_XP" = FreePDF XP (Remove only)
"GridVista" = Acer GridVista
"HP LaserJet 3050/3052/3055/3390/3392" = HP LaserJet 3050/3052/3055/3390/3392 4.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{99280A96-892D-41C0-A75D-D35A943C2FA4}" = HiPath 1220 - 2.0
"LManager" = Launch Manager
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Picasa 3" = Picasa 3
"PROHYBRIDR" = 2007 Microsoft Office system
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 00:59:50 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 01:00:04 | Computer Name = BC-NOTEBOOK1 | Source = SQLWRITER | ID = 24583
Description = Sqllib error: OLEDB Error encountered calling IDBInitialize::Initialize.
 hr = 0x80040e4d.  SQLSTATE: 28000, Native Error: 18456 Error state: 1, Severity: 14
Source:
 Microsoft SQL Native Client Error message: Login failed for user 'NT-AUTORITÄT\SYSTEM'.
DBPROP_INIT_DATASOURCE:
 BC-NOTEBOOK1\ACT7 DBPROP_INIT_CATALOG: master DBPROP_AUTH_INTEGRATED: SSPI 
 
Error - 02.04.2013 06:00:13 | Computer Name = BC-NOTEBOOK1 | Source = NTBackup | ID = 8001
Description = Ende der Sicherung von 'D:' 'Es wurden Warnungen oder Fehler gefunden.'


	Überprüfen:
  On      Modus:  Append      Typ:  Inc       Einzelheiten finden Sie im Sicherungsbericht.  
 
Error - 02.04.2013 13:16:32 | Computer Name = BC-NOTEBOOK1 | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung svchost.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000.
 
[ OSession Events ]
Error - 26.12.2012 09:43:39 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1498
 seconds with 1020 seconds of active time.  This session ended with a crash.
 
Error - 30.12.2012 14:52:21 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 9797
 seconds with 6900 seconds of active time.  This session ended with a crash.
 
Error - 15.01.2013 06:38:56 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 986
 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error - 15.01.2013 06:39:09 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 15.01.2013 06:40:17 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 65
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 29.01.2013 07:47:42 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10239
 seconds with 1020 seconds of active time.  This session ended with a crash.
 
Error - 29.01.2013 07:50:53 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 126
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 22.02.2013 03:39:19 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 180
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 15.03.2013 06:53:06 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 318
 seconds with 300 seconds of active time.  This session ended with a crash.
 
Error - 15.03.2013 11:11:12 | Computer Name = BC-NOTEBOOK1 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2478
 seconds with 360 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 21.03.2013 14:48:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 21.03.2013 14:48:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 25.03.2013 05:44:56 | Computer Name = BC-NOTEBOOK1 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 25.03.2013 05:44:56 | Computer Name = BC-NOTEBOOK1 | Source = DCOM | ID = 10010
Description = Der Server "{1BE1F766-5536-11D1-B726-00C04FB926AF}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 25.03.2013 05:45:27 | Computer Name = BC-NOTEBOOK1 | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Starten Sie
 den Dienst neu.) durchzuführen, ist fehlgeschlagen. Fehler:   %%1056
 
Error - 28.03.2013 15:03:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 28.03.2013 15:03:36 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 02.04.2013 00:51:05 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
 Peer  "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
 Minuten  wiederholt.  Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
 (0x80072751)
 
Error - 02.04.2013 00:51:05 | Computer Name = BC-NOTEBOOK1 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
 Zeitquellen  konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb  der
 nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung  mit der Quelle
 herzustellen.  Der NtpClient verfügt über keine Quelle mit genauer Zeit.
 
Error - 02.04.2013 13:16:42 | Computer Name = BC-NOTEBOOK1 | Source = System Error | ID = 1003
Description = Fehlercode 1000000a, 1. Parameter 00000004, 2. Parameter 0000001c,
 3. Parameter 00000000, 4. Parameter 804ffa98.
 
 
< End of report >
         

 

Themen zu ihavenet.com Virus - leider auch bei mir!
.com, 32 bit, 7-zip, antivir, avira, browser, cdburnerxp, desktop, fehlercode 1, fehlercode 10, firefox, flash player, internet, launch, malware.trace, mozilla, office 2007, plug-in, realtek, registry, rogue.fakeav, security, software, svchost.exe, system, system error, trojan.fakeav, trojan.ransom, windows internet




Ähnliche Themen: ihavenet.com Virus - leider auch bei mir!


  1. wssetup leider auch ich
    Log-Analyse und Auswertung - 02.07.2013 (24)
  2. Leider auch Ärger mit ChatZum
    Plagegeister aller Art und deren Bekämpfung - 28.02.2013 (14)
  3. Leider auch Ärger mit ChatZum
    Plagegeister aller Art und deren Bekämpfung - 22.12.2012 (44)
  4. Ihavenet Virus - jetzt ich auch
    Plagegeister aller Art und deren Bekämpfung - 30.10.2012 (5)
  5. GVU Trojaner bin leider auch betroffen
    Log-Analyse und Auswertung - 14.08.2012 (13)
  6. leider auch incredibar virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 08.07.2012 (3)
  7. TR/small.Fi, leider auch:heulen:
    Plagegeister aller Art und deren Bekämpfung - 03.07.2012 (20)
  8. Neuer Trend: der 50€ Virus / Trojaner - Jetzt leider auch bei mir...
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (15)
  9. Leider auch BKA - Trojaner
    Plagegeister aller Art und deren Bekämpfung - 03.12.2011 (1)
  10. Leider auch der Bundeskriminalamttrojaner
    Plagegeister aller Art und deren Bekämpfung - 23.11.2011 (3)
  11. Leider auch TR/kazy.mekml.1 erwischt?
    Log-Analyse und Auswertung - 19.05.2011 (1)
  12. tr/kazy.mekml.1 leider auch bei mir
    Log-Analyse und Auswertung - 07.05.2011 (16)
  13. TR/Kazy.mekml.1 leider auch hier
    Plagegeister aller Art und deren Bekämpfung - 06.05.2011 (1)
  14. Leider auch BKA-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 27.04.2011 (2)
  15. Leider auch TR/Agent.33302
    Plagegeister aller Art und deren Bekämpfung - 14.06.2007 (21)
  16. TR/Agent.33302 leider auch bei mir....
    Plagegeister aller Art und deren Bekämpfung - 13.06.2007 (3)
  17. Leider auch mit Backtera Virus befallen !?!
    Log-Analyse und Auswertung - 01.06.2006 (5)

Zum Thema ihavenet.com Virus - leider auch bei mir! - Hei Zusammen, auf dem Rechner meiner Frau, die damit beruflich viel im Internet unterwegs ist, hat sich ebenfalls der ihavenet.com - Virus breit gemacht (automatische Umleitung der URL im Browser)! - ihavenet.com Virus - leider auch bei mir!...
Archiv
Du betrachtest: ihavenet.com Virus - leider auch bei mir! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.