Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
vermuteter Malware Befall

vermuteter Malware Befall


Log-Analyse und Auswertung: vermuteter Malware Befall

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.06.2013, 05:55   #3
hinkes
 
vermuteter Malware Befall - Standard

vermuteter Malware Befall


Guten morgen,

danke für die rasche antwort,

hier die 2 Log files:

1:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.06.2013 06:37:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martin\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 44,01% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 67,42 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 22,34 Gb Free Space | 73,87% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 37,84 Gb Free Space | 25,83% Space Free | Partition Type: NTFS
Drive G: | 174,07 Gb Total Space | 37,46 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\ThinkPad\Utilities\SCHTASK.EXE (Lenovo Group Limited)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
PRC - C:\Programme\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\IgrsSvcs.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Users\Martin\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Users\Martin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Programme\ThinkPad\Utilities\GR\PWMRT32V.DLL ()
MOD - C:\Programme\Lenovo\Energy Management\KbdHook.dll ()
MOD - C:\Programme\Lenovo\Energy Management\HookLib.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Dnscache) -- %SystemRoot%\System32\poualsxux.dll File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (EPSON_PM_RPCV4_05) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE (SEIKO EPSON CORPORATION)
SRV - (Power Manager DBC Service) -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo)
SRV - (PwmEWSvc) -- C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe (Lenovo Group Limited)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Update-Service) -- C:\Windows\System32\UpdSvc.dll (Joosoft.com GmbH)
SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV - (PS_MDP) -- C:\Programme\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)
SRV - (IGRS) -- C:\Programme\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\Programme\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TPPWRIF) -- C:\Windows\System32\drivers\TPPWR32V.SYS (Lenovo Group Limited)
DRV - (funfrm) -- C:\windows\System32\drivers\funfrm.sys ()
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (Bridge0) -- C:\Windows\System32\drivers\wdbridge.sys (Lenovo)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (wsvd) -- C:\Windows\System32\drivers\wsvd.sys (CyberLink)
DRV - (wdmirror) -- C:\Windows\System32\drivers\WDMirror.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (ACPIVPC) -- C:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV - (netw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com/
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com/
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
IE - HKCU\..\SearchScopes\{EEBD267A-2CA3-49D4-9B52-153EFE3FF36D}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.20 13:40:46 | 000,000,000 | ---D | M]
 
[2011.12.06 20:19:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2012.09.26 21:55:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\3twb667h.default\extensions
[2013.05.26 17:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.26 17:21:11 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Energy Management] C:\Programme\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Programme\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Programme\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Martin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\windows\system32\tnnsqq5vr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.62.62 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2297C498-2845-4610-85A2-67E3F6B88568}: DhcpNameServer = 82.212.62.62 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA9C3B8B-8089-45E7-ABE4-AD064ADBAC2C}: DhcpNameServer = 82.212.62.62 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.05 06:35:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2013.06.04 23:05:45 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2013.06.04 22:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013.06.04 22:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013.06.04 22:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2013.06.01 10:37:15 | 000,066,656 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\avnetflt.sys
[2013.05.31 19:13:37 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\WinRAR
[2013.05.31 19:13:37 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.31 19:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.31 19:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.05.31 18:57:53 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013.05.31 18:27:40 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Seven Zip
[2013.05.31 18:26:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.31 18:23:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Avira
[2013.05.31 18:19:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.31 18:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.05.31 18:17:31 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys
[2013.05.31 18:17:31 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys
[2013.05.31 18:17:31 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys
[2013.05.31 18:17:31 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2013.05.31 18:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.05.31 18:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.05.31 18:10:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.05.31 18:10:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.05.31 18:10:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.05.31 18:10:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.05.31 18:09:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.31 18:09:41 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.05.26 17:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.26 16:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.05.26 16:31:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Foxit Software
[2013.05.26 16:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013.05.20 13:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.05.16 21:34:27 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2013.05.12 14:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.05.10 11:57:06 | 000,000,000 | R--D | C] -- C:\Users\Martin\Dropbox
[2013.05.10 11:55:22 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.05.10 11:55:00 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Dropbox
[2013.05.06 22:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.05.06 22:00:19 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013.05.06 22:00:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.05.06 22:00:16 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013.05.06 22:00:16 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.05.06 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Java
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.05 06:35:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2013.06.05 06:30:35 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 06:30:35 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 06:28:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.06.05 06:27:53 | 000,643,866 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013.06.05 06:27:53 | 000,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.06.05 06:27:53 | 000,126,394 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013.06.05 06:27:53 | 000,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.06.05 06:23:14 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013.06.05 06:23:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.05 06:22:56 | 2388,078,592 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.01 10:37:04 | 000,066,656 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avnetflt.sys
[2013.05.31 18:49:32 | 000,447,208 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.05.31 18:29:00 | 000,000,535 | ---- | M] () -- C:\windows\System32\mapisvc.inf
[2013.05.31 18:17:42 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.31 18:14:16 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys
[2013.05.31 18:14:16 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys
[2013.05.31 18:14:16 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys
[2013.05.31 18:14:16 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2013.05.26 16:31:32 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.05.18 14:28:19 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013.05.18 14:28:19 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013.05.12 14:12:05 | 003,122,804 | ---- | M] () -- C:\Users\Martin\Desktop\Info.izp
[2013.05.10 11:57:06 | 000,001,041 | ---- | M] () -- C:\Users\Martin\Desktop\Dropbox.lnk
[2013.05.10 11:55:31 | 000,001,051 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.06 22:00:07 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013.05.06 22:00:05 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013.05.06 22:00:05 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013.05.06 22:00:05 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013.05.06 22:00:05 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013.05.06 22:00:05 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
 
========== Files Created - No Company Name ==========
 
[2013.05.31 18:17:42 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.05.31 18:10:07 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.05.31 18:10:07 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.05.31 18:10:07 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.05.31 18:10:07 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.05.31 18:10:07 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.05.26 16:31:32 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.05.12 14:12:05 | 003,122,804 | ---- | C] () -- C:\Users\Martin\Desktop\Info.izp
[2013.05.10 11:57:06 | 000,001,041 | ---- | C] () -- C:\Users\Martin\Desktop\Dropbox.lnk
[2013.05.10 11:55:31 | 000,001,051 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.04.05 21:21:49 | 000,000,000 | ---- | C] () -- C:\windows\EEventManager.INI
[2013.04.05 18:31:57 | 000,000,174 | ---- | C] () -- C:\windows\wiso.ini
[2013.03.23 19:19:08 | 000,002,100 | ---- | C] () -- C:\Users\Martin\AppData\Local\recently-used.xbel
[2013.01.02 16:26:42 | 000,010,495 | ---- | C] () -- C:\Users\Martin\hinkm_elster_2048.pfx
[2012.09.27 13:35:47 | 000,003,559 | ---- | C] () -- C:\Users\Martin\.ganttproject
[2012.08.13 11:11:02 | 141,421,187 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2012.08.13 11:09:30 | 003,166,208 | ---- | C] () -- C:\Program Files\openofficeorg341.msi
[2012.08.13 11:09:30 | 000,473,600 | ---- | C] () -- C:\Program Files\setup.exe
[2012.08.13 11:09:30 | 000,000,294 | ---- | C] () -- C:\Program Files\setup.ini
[2012.02.12 15:19:12 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.12.23 21:58:28 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011.12.23 21:58:24 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll
[2011.12.23 21:58:24 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll
[2011.12.23 21:58:24 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll
[2011.12.23 21:58:24 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll
[2011.12.08 00:25:46 | 000,000,353 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Network Meter_Settings.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
--- --- ---

2:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 05.06.2013 06:37:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Martin\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 44,01% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 67,42 Gb Free Space | 67,42% Space Free | Partition Type: NTFS
Drive D: | 30,25 Gb Total Space | 22,34 Gb Free Space | 73,87% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 37,84 Gb Free Space | 25,83% Space Free | Partition Type: NTFS
Drive G: | 174,07 Gb Total Space | 37,46 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
 
Computer Name: MARTIN-PC | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032C26F1-9A6E-43A8-A075-5F26B2C878F5}" = lport=445 | protocol=6 | dir=in | app=system | 
"{0673425E-DB82-4994-8486-CE7C61250971}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{094AB46C-9C6C-45DE-A2D5-28DF807B90B6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{16948452-BD43-4F4C-9943-87144D668E72}" = rport=445 | protocol=6 | dir=out | app=system | 
"{19149A53-466D-45E4-AA3D-0881C17BA7E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1EDCAF4C-BAD7-4565-B7FD-9B2C5976D716}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{331784AE-84CA-4EFD-B02B-06CA36A443ED}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{370D4CC9-6BD9-43C3-9C9F-08E2E75B3F31}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{3B97BB6F-FEEB-4041-86DD-27D1E076C896}" = lport=10244 | protocol=6 | dir=in | app=system | 
"{411F3EB4-0F80-4282-8F2D-BE7D41B07B19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{59D958CF-0C3F-4134-A5BD-A2E14473E8CB}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{63C05E50-10A5-45B6-BC5B-AD3844EA1ED6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{675C7826-7E79-4E57-A7A3-F9577E86B0E0}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{6D06E2ED-8472-4070-82A9-8489507AA558}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6D2EB7B8-C299-4A76-AB95-1685787F35D8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6E42E609-9AE3-46CF-8774-F518934EBF9F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{72295B11-4A69-4DB3-A396-9A3295705743}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{88724D48-57BC-49B2-8DE8-D5A00D69035D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{8963EC19-9607-4D42-952F-2C65CC781B81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8F66D02C-8EAC-4027-94A8-4B83F103729E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{92927D5D-166D-4F7D-B756-1096E104E2A3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{998B23D5-59DC-4B5F-BB32-2F4A511D348A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9B4C67B0-03D7-4E57-9602-512F6BE2DC7F}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{A4A5A8CA-4A6C-4A8B-ABF3-8CAFB07BD4F9}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A632A43E-0348-41A3-AC7D-88C693B56484}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A670B960-B4ED-4FE2-B09D-1C89C22A5CC1}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{A87D8F78-F18C-4534-84A1-3E5086C7CD9F}" = lport=3390 | protocol=6 | dir=in | app=system | 
"{B13A7DE0-4EE9-4AC9-BD68-94128E8B43EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B3E25F0B-0CCA-4DFE-9B4D-F73B2097B21B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BE1CDF9C-08A8-46BD-9F47-806C5958622E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CA68B580-4183-46C8-B81F-149744042611}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CCFEAB47-C554-4D0A-8896-B3A2CAB9425C}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | 
"{D8F7D2CC-B84C-475A-BBDC-1F82B921A99B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D982428C-AD5F-47D9-B995-587177C12D49}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E1649F28-9125-42D2-9293-C5FE1264247A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E77B59A2-81DD-4338-9D6A-32C1B407F11E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F00B9706-48D1-499F-9554-4C498CE11982}" = rport=137 | protocol=17 | dir=out | app=system | 
"{FEB504E9-5122-4E6E-9577-D88C0F2CCA97}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C9D321-3571-43AE-A80E-3687DA9EDAB4}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{0C47B76F-CEA9-4BBA-B391-4CE728ED8A53}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe | 
"{0D5437E4-3D6F-413A-977E-931FBCD74088}" = dir=out | app=c:\windows\system32\igrssvcs.exe | 
"{0DF9465E-C7A4-4A01-8883-D6260E1BFC33}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | 
"{2FA7B683-1FEE-4606-ADFE-D6C54F0B0D80}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{301C3719-A4A1-4083-AA06-229E10B2B1D4}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{308569D4-D0BF-495D-A76D-A90BE91751F4}" = protocol=6 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | 
"{3B193607-CFAE-48DB-ADDE-0BA51A9F4F75}" = protocol=6 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | 
"{3DB2062B-C1A8-4AD8-83EA-20B11C80CB48}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4FFD86BC-FCF9-4B86-988D-48020DFD256A}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{53BEB3FC-DA3B-47A4-A7FE-303C7988CFBF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6D1CE614-C903-4DE4-ACCE-DE4AF305DA6B}" = dir=out | app=c:\program files\lenovo\readycomm\common\igrs.exe | 
"{733A9B6E-F3DF-422B-94E5-7E3B8D161896}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{7368A7DE-69DA-4271-A950-4D2B4194AEE7}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe | 
"{749694AD-AB2B-4107-8DB7-183DC3BB27B3}" = dir=in | app=c:\windows\system32\igrssvcs.exe | 
"{7D2D5FA4-5885-48F2-BFD6-65F8072322C5}" = protocol=17 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | 
"{884E3691-4123-4D09-A4E6-E20EC319BCB4}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe | 
"{893DFB42-24EF-42E2-BC24-8720DEC40035}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8A71E731-E6F6-4B68-BAAA-A5E0AC88F31D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8DF2AF65-5864-427E-8501-BE79F9318343}" = dir=in | app=c:\program files\lenovo\readycomm\common\igrs.exe | 
"{92138714-641E-4CD5-A5CF-A0EF88782A83}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe | 
"{9356AAC3-DD7E-4E49-AAC8-1C97B667097D}" = protocol=17 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | 
"{983B51C3-CE26-42DD-8746-9A60BD157F47}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | 
"{9AF186E6-07DB-4F3C-9760-DBDD7DF5AB42}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | 
"{B2B1A8EF-9170-4C90-A504-3D0856F87216}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{B59EF72A-B51F-443D-9006-D667E6A21CD6}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | 
"{B908669C-E2A6-4DD3-A058-4C4E7460CBF1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BFD22F70-DC2F-4713-ADB9-CC1698A133FD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C07A57AD-4A19-42EA-8F96-2346F4FFDA46}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | 
"{C3BBD7A1-AF60-4A88-B67D-BFFD9BD2E996}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{C50C12B9-C5C8-4B68-9D91-19FD9BCD7122}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C51D704B-43EA-49CD-9BA3-E007BBA885DA}" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
"{DD067A4E-FF22-4270-8F3B-74DFDEF9A92F}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe | 
"{DE832482-4ED9-44EE-B344-95C48AA0B9F9}" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
"{EB55D631-948C-439B-BEFC-0CEB9CCB6348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EBE09E8D-F486-4FA5-85AE-49310A725346}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{ED49E9FA-41E7-4368-B1B8-F8FA403A466C}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe | 
"{F49820FD-3A1D-4588-A6CC-22F579504532}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | 
"{F934F81B-66DA-4FFF-9277-D0EE85328D19}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FA98EC33-0239-43FC-ADE9-861295E1C280}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe | 
"{FE7204AD-D01B-4E20-8C67-C8207312CB70}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FE8E39A8-90A4-48C9-A707-F10A036DC32D}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe | 
"{FEAAEC88-85BE-4BA3-81A7-01D172F65752}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | 
"{FEAB198E-1A3F-4D23-A47B-736056937244}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{1395B4AE-4BE2-49EF-BB42-D893F4507F7F}C:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{4F28B047-ED03-4FBD-BA3A-CD10AD3AC808}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
"UDP Query User{03FF4745-8C70-493E-9BD9-40CE22739C7C}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | 
"UDP Query User{F7E2E809-4F30-4BFD-B42E-C2829C570ADF}C:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{0B914F2C-6CC2-4328-B84E-411A81B50FA4}" = Steuer-Sparer 2013
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Steuer 2010
"{49F3D04B-B849-4C89-AB31-2366A004EA28}" = Broadcom Gigabit Integrated Controller
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Antivirus Premium
"B4DFFB06B716298277125094C48185BFE8B5A7E1" = Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"EAGLE 6.4.0" = EAGLE 6.4.0
"EasyCapture4.0" = EasyCapture
"EPSON BX535WD Series" = EPSON BX535WD Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"Foxit Reader_is1" = Foxit Reader
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.2
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"GanttProject" = GanttProject
"GIMP-2_is1" = GIMP 2.8.2
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Security Task Manager" = Security Task Manager 1.8g
"VLC media player" = VLC media player 2.0.1
"WavePad" = WavePad Audiobearbeitungs-Software
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.67
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.12.2012 07:30:07 | Computer Name = Martin-PC | Source = RpcNs | ID = 2
Description = 
 
Error - 02.01.2013 09:56:36 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 17.0.1.4715,
 Zeitstempel: 0x50b71a4b  Name des fehlerhaften Moduls: xul.dll, Version: 17.0.1.4715,
 Zeitstempel: 0x50b7198b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00144ed8  ID des fehlerhaften
 Prozesses: 0xfe0  Startzeit der fehlerhaften Anwendung: 0x01cde8f049dc7d5a  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 38c0fe9f-54e4-11e2-bf7c-002622d7ab25
 
Error - 10.01.2013 11:18:06 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: McUicnt.exe, Version: 4.0.228.0, 
Zeitstempel: 0x4d50670d  Name des fehlerhaften Moduls: ieframe.dll, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2fe39  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000f22d2  ID des fehlerhaften
 Prozesses: 0x1704  Startzeit der fehlerhaften Anwendung: 0x01cdef4571eec326  Pfad der
 fehlerhaften Anwendung: C:\Program Files\McAfee Security Scan\3.0.285\McUicnt.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\System32\ieframe.dll  Berichtskennung: eece3793-5b38-11e2-be31-0c6076badff3
 
Error - 10.01.2013 11:18:15 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: McUicnt.exe, Version: 4.0.228.0, 
Zeitstempel: 0x4d50670d  Name des fehlerhaften Moduls: ieframe.dll, Version: 9.0.8112.16457,
 Zeitstempel: 0x50a2fe39  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000f22d2  ID des fehlerhaften
 Prozesses: 0x1704  Startzeit der fehlerhaften Anwendung: 0x01cdef4571eec326  Pfad der
 fehlerhaften Anwendung: C:\Program Files\McAfee Security Scan\3.0.285\McUicnt.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\System32\ieframe.dll  Berichtskennung: f3c22474-5b38-11e2-be31-0c6076badff3
 
Error - 20.01.2013 06:59:19 | Computer Name = Martin-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 29.01.2013 14:09:28 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 18.0.1.4764,
 Zeitstempel: 0x50f705c6  Name des fehlerhaften Moduls: xul.dll, Version: 18.0.1.4764,
 Zeitstempel: 0x50f704c6  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00117a68  ID des fehlerhaften
 Prozesses: 0x170c  Startzeit der fehlerhaften Anwendung: 0x01cdfe489b15915f  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 0506ef78-6a3f-11e2-8a55-0c6076badff3
 
Error - 29.01.2013 14:09:34 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7600.16667,
 Zeitstempel: 0x4c7dc5a1  Name des fehlerhaften Moduls: gdiplus.dll, Version: 6.1.7600.17007,
 Zeitstempel: 0x4f923628  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000aa1fe  ID des fehlerhaften
 Prozesses: 0x6bb0  Startzeit der fehlerhaften Anwendung: 0x01cdfe4bc73dd415  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmplayer.exe  Pfad 
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.17007_none_72f44f3186198a88\gdiplus.dll
Berichtskennung:
 0872179b-6a3f-11e2-8a55-0c6076badff3
 
Error - 29.01.2013 14:16:22 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385,
 Zeitstempel: 0x4a5bccb3  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.17135,
 Zeitstempel: 0x506dbeae  Ausnahmecode: 0x0000046b  Fehleroffset: 0x0000969b  ID des fehlerhaften
 Prozesses: 0x133c  Startzeit der fehlerhaften Anwendung: 0x01cdfe4868c1628f  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe  Pfad 
des fehlerhaften Moduls: C:\windows\system32\KERNELBASE.dll  Berichtskennung: fbb5c4c4-6a3f-11e2-8a55-0c6076badff3
 
Error - 22.02.2013 12:15:51 | Computer Name = Martin-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 18.0.1.4764 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1128    Startzeit:
 01ce111738aaf065    Endzeit: 15    Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
 1e926233-7d0b-11e2-8693-0c6076badff3  
 
Error - 11.03.2013 12:31:33 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.0.4794,
 Zeitstempel: 0x511ed1c1  Name des fehlerhaften Moduls: xul.dll, Version: 19.0.0.4794,
 Zeitstempel: 0x511ed0fe  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00155858  ID des fehlerhaften
 Prozesses: 0x14a0  Startzeit der fehlerhaften Anwendung: 0x01ce1e75dd475695  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 2270e82e-8a69-11e2-8762-0c6076badff3
 
[ System Events ]
Error - 05.06.2013 00:27:16 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:28:22 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:28:34 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:30:20 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:32:26 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:37:26 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:39:34 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:44:34 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:46:42 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
Error - 05.06.2013 00:51:42 | Computer Name = Martin-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet:   %%126
 
 
< End of report >
--- --- ---
__________________
 

Themen zu vermuteter Malware Befall
adobe, avg, avira, bho, converter, desktop, email, explorer, firefox, flash player, hijack, hijackthis, internet, internet explorer, logfile, malware, mozilla, mp3, object, plug-in, problem, rundll, schutz, software, system, windows


« Mail delivery failed | Evtl. SPAM mails von meinem PC? »


Ähnliche Themen: vermuteter Malware Befall


  1. Malware Befall?
    Log-Analyse und Auswertung - 24.09.2015 (18)
  2. möglicher malware - Befall meines PC
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (9)
  3. Schwieriger Fehler! Pc sehr langsam bei sache und vermuteter Hardware fehler?
    Alles rund um Windows - 18.02.2014 (2)
  4. Vermuteter Trojaner auf ACER - deutscher Rechner in USA bei meiner Tochter (highschool)
    Plagegeister aller Art und deren Bekämpfung - 21.01.2014 (5)
  5. W7 Malware Befall – Rester löschen
    Log-Analyse und Auswertung - 11.09.2013 (14)
  6. Rootkit/ Malware Befall
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (7)
  7. Malware-Befall? Virenscans dauern ewig
    Plagegeister aller Art und deren Bekämpfung - 18.04.2012 (61)
  8. Log-Analyse nach Trojaner/Malware befall (Malware.Trace / Trojan.BHO)
    Log-Analyse und Auswertung - 26.09.2011 (16)
  9. Trojaner Befall - Malware findet nichts
    Log-Analyse und Auswertung - 14.11.2010 (7)
  10. Befall mit Malware. Was tuen?
    Plagegeister aller Art und deren Bekämpfung - 26.09.2010 (1)
  11. Malware Befall 'TR/Witkinat.A.30', 'TR/Spy.Insain.HP' usw.
    Log-Analyse und Auswertung - 16.03.2010 (2)
  12. Malware Defense Befall
    Plagegeister aller Art und deren Bekämpfung - 23.01.2010 (10)
  13. malware defense befall
    Plagegeister aller Art und deren Bekämpfung - 21.01.2010 (9)
  14. Vermuteter Trojaner beim Starten von XP
    Log-Analyse und Auswertung - 21.02.2009 (4)
  15. Malware-Befall. TR/RKIT/BDS
    Plagegeister aller Art und deren Bekämpfung - 05.12.2008 (4)
  16. backdoor und malware befall
    Plagegeister aller Art und deren Bekämpfung - 04.12.2008 (65)
  17. Trojaner und Malware-Befall
    Log-Analyse und Auswertung - 01.11.2008 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema vermuteter Malware Befall - Guten morgen, danke für die rasche antwort, hier die 2 Log files: 1:OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 05.06.2013 06:37:22 - Run 1 OTL by - vermuteter Malware Befall...
Archiv
Du betrachtest: vermuteter Malware Befall auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132