Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile

PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile


Log-Analyse und Auswertung: PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 14.05.2010, 20:04   #3
Ausgefuchst
 
PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile - Standard

PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile


Erstmal danke für die schnelle antwort :-)
Hier siond die drei Logs.

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 4101

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

14.05.2010 20:39:45
mbam-log-2010-05-14 (20-39-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 253704
Laufzeit: 52 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



------------------------------------------

OTL logfile created on: 14.05.2010 20:52:11 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Fuechse\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,26 Gb Total Space | 348,80 Gb Free Space | 78,34% Space Free | Partition Type: NTFS
Drive D: | 20,49 Gb Total Space | 16,09 Gb Free Space | 78,51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FUECHSE-PC
Current User Name: Fuechse
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Fuechse\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
PRC - C:\Programme\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Fuechse\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (QualityManager) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel(R) Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (DHTRACE) Intel(R) -- C:\Programme\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (NMSCore) Intel(R) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel(R) Corporation)
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Programme\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (athrusb) -- C:\Windows\System32\drivers\athrusb.sys (Atheros Communications, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (w810obex) -- C:\Windows\System32\drivers\w810obex.sys (MCCI)
DRV - (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\w810mgmt.sys (MCCI)
DRV - (w810mdm) -- C:\Windows\System32\drivers\w810mdm.sys (MCCI)
DRV - (w810mdfl) -- C:\Windows\System32\drivers\w810mdfl.sys (MCCI)
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\Windows\System32\drivers\w810bus.sys (MCCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.14 15:58:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.14 15:58:43 | 000,000,000 | ---D | M]

[2010.05.14 15:58:47 | 000,000,000 | ---D | M] -- C:\Users\Fuechse\AppData\Roaming\mozilla\Extensions
[2010.05.14 15:45:44 | 000,000,000 | ---D | M] -- C:\Users\Fuechse\AppData\Roaming\mozilla\Firefox\Profiles\f7qufby9.default\extensions
[2010.05.14 15:45:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fuechse\AppData\Roaming\mozilla\Firefox\Profiles\f7qufby9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.14 15:40:02 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-1.xml
[2008.03.01 16:29:13 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-2.xml
[2008.04.09 17:59:03 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-3.xml
[2008.04.23 20:24:46 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-4.xml
[2008.08.09 00:16:44 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-5.xml
[2008.12.17 16:39:32 | 000,000,950 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin-6.xml
[2008.02.19 19:16:46 | 000,000,951 | ---- | M] () -- C:\Users\Fuechse\AppData\Roaming\Mozilla\FireFox\Profiles\f7qufby9.default\searchplugins\icqplugin.xml
[2010.05.14 15:58:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CCUTRAYICON] File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [GnabTray] C:\Program Files\Common Files\Gnab\Service\GnabTray.exe (Empolis GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ToADiMon.exe] C:\Program Files\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKLM..\Run: [WinampAgent] C:\Robins Kram\programme\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: tumuenchen.de ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.14 20:50:47 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Fuechse\Desktop\OTL.exe
[2010.05.14 19:46:20 | 000,000,000 | ---D | C] -- C:\Users\Fuechse\AppData\Roaming\Malwarebytes
[2010.05.14 19:46:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.14 19:46:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.14 19:46:12 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.14 19:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.14 16:20:19 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.05.14 16:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.05.14 16:01:39 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.05.14 15:13:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.05.14 15:13:27 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.05.14 15:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.05.14 15:02:28 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.05.14 15:02:28 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.05.14 15:02:28 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.05.14 15:02:27 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.05.14 15:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.05.14 14:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2010.05.14 11:01:57 | 000,000,000 | ---D | C] -- C:\Programme\Real
[2010.05.14 11:01:55 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Real
[2010.05.14 11:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010.05.14 11:01:51 | 000,000,000 | ---D | C] -- C:\Users\Fuechse\AppData\Roaming\Real
[2010.05.04 11:04:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010.05.04 11:04:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010.05.04 11:04:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010.04.23 09:20:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010.04.22 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\Fuechse\AppData\Local\FreePDF_XP
[2010.04.22 18:34:04 | 000,000,000 | ---D | C] -- C:\Users\Fuechse\Desktop\Free PDF downloads
[2010.04.18 03:00:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.04.16 18:52:58 | 000,000,000 | ---D | C] -- C:\Users\Fuechse\Documents\SoftMaker
[2010.04.16 18:52:11 | 000,000,000 | ---D | C] -- C:\Programme\SoftMaker Viewer
[2010.04.16 14:04:08 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.16 14:04:08 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.16 14:04:02 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.16 14:03:59 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.16 14:03:59 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.14 20:51:14 | 014,155,776 | -HS- | M] () -- C:\Users\Fuechse\NTUSER.DAT
[2010.05.14 20:50:55 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Fuechse\Desktop\OTL.exe
[2010.05.14 20:29:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.14 19:46:16 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.14 19:13:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 19:13:16 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.14 17:20:58 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.05.14 17:18:48 | 001,445,786 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.14 17:18:48 | 000,628,210 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.14 17:18:48 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.14 17:18:48 | 000,126,850 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.14 17:18:48 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.14 17:13:17 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.14 17:13:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.14 17:13:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.14 17:12:00 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.14 17:11:56 | 000,524,288 | -HS- | M] () -- C:\Users\Fuechse\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.05.14 17:11:56 | 000,065,536 | -HS- | M] () -- C:\Users\Fuechse\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.14 17:11:54 | 001,842,627 | -H-- | M] () -- C:\Users\Fuechse\AppData\Local\IconCache.db
[2010.05.14 16:49:07 | 000,110,672 | ---- | M] () -- C:\Users\Fuechse\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.14 16:48:21 | 000,380,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.14 16:01:40 | 000,001,674 | ---- | M] () -- C:\Users\Fuechse\Desktop\CCleaner.lnk
[2010.05.14 15:58:44 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.05.14 15:13:34 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.14 15:02:33 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.05.14 14:21:01 | 000,002,605 | ---- | M] () -- C:\Users\Fuechse\Desktop\Microsoft Word.lnk
[2010.05.06 10:36:38 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.04.30 23:29:26 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.22 19:09:06 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.04.22 10:09:18 | 000,001,074 | RH-- | M] () -- C:\Users\Fuechse\XrxWm.ini
[2010.04.22 10:09:18 | 000,000,522 | RH-- | M] () -- C:\Users\Fuechse\xw45cpdy.dyc
[2010.04.22 09:49:24 | 000,000,155 | ---- | M] () -- C:\Windows\System32\~.inf
[2010.04.18 15:31:45 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.14 19:46:16 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.14 16:01:40 | 000,001,674 | ---- | C] () -- C:\Users\Fuechse\Desktop\CCleaner.lnk
[2010.05.14 15:58:44 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.05.14 15:13:34 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.14 15:02:33 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.04.22 10:09:18 | 000,001,074 | RH-- | C] () -- C:\Users\Fuechse\XrxWm.ini
[2010.04.22 10:09:18 | 000,000,522 | RH-- | C] () -- C:\Users\Fuechse\xw45cpdy.dyc
[2010.04.18 15:31:45 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.16 18:52:12 | 000,779,593 | ---- | C] () -- C:\Users\Fuechse\Documents\TextMaker Viewer.tmd
[2010.04.16 18:52:12 | 000,068,640 | ---- | C] () -- C:\Windows\unTMV.exe
[2009.10.20 18:31:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.02.17 16:05:54 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.02.17 16:05:54 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.02.02 16:29:32 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit_.INI
[2007.10.09 22:05:58 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2007.08.15 18:37:46 | 000,000,216 | ---- | C] () -- C:\Windows\ulead32.ini
[2007.08.15 18:26:22 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2007.08.15 16:08:10 | 000,000,511 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.05 13:34:28 | 000,676,224 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.06.23 11:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000068.DLL
[1999.01.23 03:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
< End of report >


OTL Extras logfile created on: 14.05.2010 20:52:11 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Fuechse\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,26 Gb Total Space | 348,80 Gb Free Space | 78,34% Space Free | Partition Type: NTFS
Drive D: | 20,49 Gb Total Space | 16,09 Gb Free Space | 78,51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FUECHSE-PC
Current User Name: Fuechse
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Robins Kram\programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Robins Kram\programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Robins Kram\programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2410F622-BC78-4BB6-BCD5-9B27182E0C7D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F12DFAA-F517-46C4-A353-5797C9F0362A}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{3C3B4F44-4A1C-46EC-9A82-4060D1176B31}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4DFDFB79-2856-4FA6-B97D-0C9761FEF81E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4E49FD3F-5C14-4A36-B290-22055DE1007F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{65DCA89B-B694-4FC0-88C8-574CC98DE166}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{7756E798-2293-4AA6-853A-D7D56BF3507E}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{8819D55E-4349-4A0B-9CB5-C1783117EA75}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4FCA71E-6757-444A-B906-335641D3908D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BB32E0A5-30C7-4B20-B28E-1B93D10A21E9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6F807ED-9C2C-4D51-9C98-F8919B14CE2F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D70FC391-6F5D-4946-9740-163C9296AEF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EBB31401-68E1-48D0-9D2B-84947B69F2F4}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067869B8-C41A-4C00-BF54-D7A3C4B49C81}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{08C1F8C2-E755-449A-92FF-D8ABA5148434}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{09CB9740-797F-482F-A0BB-F206AA0F5AC3}" = protocol=6 | dir=in | app=c:\robins kram\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{0A2D1DC6-B539-4B67-B626-8458DAE21FC6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{43082DD7-8BD8-49C2-8C18-4369B2688E60}" = protocol=6 | dir=in | app=c:\robins kram\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{4693423F-2B68-409D-AAD9-BA7DF11B10A9}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{4D71C844-5D36-4455-9A9F-5F2CFEDE77C5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5003731B-188E-42F7-88D5-E412A68EE805}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{50417147-0572-409A-9748-35ED2A491E17}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{5D1F0E54-5D1C-4A82-BEB2-1EC692C49B01}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{5EA512E0-02E2-4791-86A4-FEF4AC9FE1B2}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{82053F31-E3DF-45C7-820C-4C19134B2DB6}" = protocol=6 | dir=out | app=system |
"{8447A933-5A9A-42F0-B9A1-1BF21CC67FA4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B07D5EA-605D-4644-BE7B-9489571D7DC9}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{9725E445-6A40-4C6C-853F-4C3517FA6B8E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A098BB35-BCED-4E6D-9A42-A8EA052F0234}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B68CD120-D7CC-4D6E-AFAA-BD3E1F1E06D9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4CFE6A0-9417-45CB-A823-B8BD93466DB2}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{DBFDA691-3AFD-4D8C-B099-82515C56425C}" = protocol=17 | dir=in | app=c:\robins kram\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\xr_3da.exe |
"{DDD5A19B-6D7C-4904-97CA-E9E173967BC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2ED6014-354C-47A2-A14D-1AB1505E0B64}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{E58A3E8E-C077-4F47-ABE4-7FA4F89EF9E9}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{E6B2C564-2C82-4657-8F38-3B5E637A7D7C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F15B4A29-FA72-41B0-A8EE-1DF62D7AB087}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F2E3141E-4A72-438F-B1E3-C19A448EF2D0}" = protocol=17 | dir=in | app=c:\robins kram\programme\s.t.a.l.k.e.r. - shadow of chernobyl\bin\dedicated\xr_3da.exe |
"{F94C4ADC-B3F4-43BA-BA87-5EE80A45437F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FEE316B3-6CF0-4DF0-8B69-6EEB17B987A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FEEEAD85-EC5B-4633-A88E-0170FD01B981}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"TCP Query User{2377AE21-90A6-41BC-8F05-19A028F8ED89}C:\robins kram\programme\half-life\hl.exe" = protocol=6 | dir=in | app=c:\robins kram\programme\half-life\hl.exe |
"TCP Query User{28B58FDF-1761-4ABF-BFF1-C8FE76BA8225}C:\program files\t-online\t-online_software_6\browser\dlman.exe" = protocol=6 | dir=in | app=c:\program files\t-online\t-online_software_6\browser\dlman.exe |
"TCP Query User{398841A1-EBE6-4D61-B700-29DBB4C7590A}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{69E349FF-7E5E-4887-8586-D5DA20D99FCA}C:\robins kram\programme\last.fm\lastfm.exe" = protocol=6 | dir=in | app=c:\robins kram\programme\last.fm\lastfm.exe |
"TCP Query User{9AB9861A-A178-4EE0-B744-E25DF2B68043}C:\program files\t-online\t-online_software_6\browser\browser.exe" = protocol=6 | dir=in | app=c:\program files\t-online\t-online_software_6\browser\browser.exe |
"TCP Query User{A7A9D87D-5634-4AA9-B1F3-5B99A195CFF1}C:\robins kram\programme\steam\steamapps\ausgefuchst\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\robins kram\programme\steam\steamapps\ausgefuchst\team fortress 2\hl2.exe |
"TCP Query User{A9E37D5B-7240-4355-99AE-1B5F62E99A8D}C:\robins kram\programme\icq6\icq.exe" = protocol=6 | dir=in | app=c:\robins kram\programme\icq6\icq.exe |
"UDP Query User{0CC0D8D7-E56C-4E99-9DC7-5FAA9A8545BC}C:\robins kram\programme\steam\steamapps\ausgefuchst\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\robins kram\programme\steam\steamapps\ausgefuchst\team fortress 2\hl2.exe |
"UDP Query User{20263798-396D-420F-9E28-0AC10F567E57}C:\robins kram\programme\half-life\hl.exe" = protocol=17 | dir=in | app=c:\robins kram\programme\half-life\hl.exe |
"UDP Query User{335EB541-96B2-4106-9568-D4F7BB83EF0F}C:\program files\t-online\t-online_software_6\browser\dlman.exe" = protocol=17 | dir=in | app=c:\program files\t-online\t-online_software_6\browser\dlman.exe |
"UDP Query User{99BB557D-F5AA-4180-9304-06087F7C1158}C:\robins kram\programme\last.fm\lastfm.exe" = protocol=17 | dir=in | app=c:\robins kram\programme\last.fm\lastfm.exe |
"UDP Query User{AE9B8123-F57B-4AF0-8CAC-9F7019947198}C:\program files\t-online\t-online_software_6\browser\browser.exe" = protocol=17 | dir=in | app=c:\program files\t-online\t-online_software_6\browser\browser.exe |
"UDP Query User{EBA6AF67-E215-41D9-96B8-D8429FF7D67C}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{FD81581F-B719-465B-A40D-D0E1D305B411}C:\robins kram\programme\icq6\icq.exe" = protocol=17 | dir=in | app=c:\robins kram\programme\icq6\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00040407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0DAA5653-60D4-44C1-AD10-EC7D4FA4D820}" = Intel(R) Viiv(TM) Software
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE VCD
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
"{81AB1374-098A-43CB-BE57-31CEB5EB1031}" = Nero 7 Essentials
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DeInst_d2vexcrdTop50 Viewer (Build 1.0.5.388)" = Top50 Viewer
"Free Windows Registry Cleaner_is1" = Free Windows Registry Cleaner 1.1
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Intel(R) Configuration Center" = Intel(R) Viiv(TM) Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"ODBC" = ODBC
"PROSetDX" = Intel(R) PRO Network Connections 12.1.12.0
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"TextMaker Viewer" = TextMaker Viewer
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR archiver
"WinSkat Pro 4.17" = WinSkat Pro Version 4.17

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.05.2010 09:13:40 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung MsiExec.exe, Version 4.5.6002.18005, Zeitstempel
0x49e01c42, fehlerhaftes Modul QuickTime.qts_unloaded, Version 0.0.0.0, Zeitstempel
0x4ba1b0eb, Ausnahmecode 0xc0000005, Fehleroffset 0x65a1bb69, Prozess-ID 0x1608,
Anwendungsstartzeit 01caf36734cf21b8.

Error - 14.05.2010 09:13:45 | Computer Name = Fuechse-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\QuickTime\QuickTimePlayer.exe".
Die
abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 14.05.2010 09:14:09 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung apdproxy.exe, Version 4.5.0.20477, Zeitstempel
0x46cea985, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00066796, Prozess-ID 0x4c0, Anwendungsstartzeit
01caf3653a315088.

Error - 14.05.2010 09:22:06 | Computer Name = Fuechse-PC | Source = VSS | ID = 8194
Description =

Error - 14.05.2010 10:03:47 | Computer Name = Fuechse-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 14.05.2010 10:03:48 | Computer Name = Fuechse-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 14.05.2010 10:35:20 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0001bf03, Prozess-ID 0x1694,
Anwendungsstartzeit 01caf372adb4aea8.

Error - 14.05.2010 10:42:00 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048b02, Prozess-ID 0x14c8, Anwendungsstartzeit
01caf3739c4252c8.

Error - 14.05.2010 10:44:40 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821,
Ausnahmecode 0xc0000005, Fehleroffset 0x00048b02, Prozess-ID 0x15c8, Anwendungsstartzeit
01caf373fbac49a8.

Error - 14.05.2010 11:24:58 | Computer Name = Fuechse-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, fehlerhaftes Modul NMIndexStoreSvr.exe, Version 1.5.13.0, Zeitstempel
0x458d61a6, Ausnahmecode 0xc0000005, Fehleroffset 0x0001bf03, Prozess-ID 0x12f8,
Anwendungsstartzeit 01caf3799cde460f.

[ Media Center Events ]
Error - 16.04.2008 11:27:37 | Computer Name = Fuechse-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight
gescheitert.

[ System Events ]
Error - 13.05.2010 05:01:55 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 13.05.2010 12:30:46 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 13.05.2010 13:04:23 | Computer Name = Fuechse-PC | Source = DCOM | ID = 10010
Description =

Error - 13.05.2010 13:05:23 | Computer Name = Fuechse-PC | Source = DCOM | ID = 10010
Description =

Error - 14.05.2010 04:34:28 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 14.05.2010 09:00:56 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 14.05.2010 09:02:47 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7006
Description =

Error - 14.05.2010 09:17:50 | Computer Name = Fuechse-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.

Error - 14.05.2010 10:50:39 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 14.05.2010 11:15:07 | Computer Name = Fuechse-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >
__________________
 

Themen zu PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile
adobe, alert, antivir, antivir guard, avg, avira, bho, defender, desktop, downloader, google, gupdate, hijack, hijackthis, home, home premium, internet, internet explorer, langsam, logfile, photoshop, plug-in, rundll, server, software, spyware, super, tracker, vista, windows


« Ich kann mich nirgend mehr anmelden... | Cpu Auslastung unter win 7 zu hoch »


Ähnliche Themen: PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile


  1. Windows 7 langsam - OTL Logfile
    Log-Analyse und Auswertung - 28.07.2015 (5)
  2. Laptop wird unertraeglich langsam - Logfile
    Log-Analyse und Auswertung - 02.03.2012 (1)
  3. Logfile Auswertung..Latop extrem langsam
    Log-Analyse und Auswertung - 10.01.2011 (8)
  4. OTL Logfile auswerten - Internetverbindung langsam !
    Log-Analyse und Auswertung - 10.12.2010 (13)
  5. auswertung von HJT-Logfile (PC langsam)
    Log-Analyse und Auswertung - 04.10.2010 (0)
  6. Rechner langsam, Hijackthis Logfile
    Log-Analyse und Auswertung - 11.02.2010 (1)
  7. Rechner ungewohnt langsam. Virus? [HJT-Logfile]
    Log-Analyse und Auswertung - 02.02.2010 (1)
  8. Internet sehr langsam - HijackThis Logfile
    Log-Analyse und Auswertung - 03.08.2009 (19)
  9. Pc Langsam Logfile bitte mal anschauen
    Log-Analyse und Auswertung - 13.07.2009 (1)
  10. LogFile 2009.02 - Internet sehr langsam
    Log-Analyse und Auswertung - 05.02.2009 (0)
  11. Hijack-logfile....pc langsam
    Log-Analyse und Auswertung - 06.06.2008 (9)
  12. Logfile, mein PC is manchmal langsam o.0
    Mülltonne - 16.12.2007 (1)
  13. PC langsam, sauberes Logfile?
    Log-Analyse und Auswertung - 11.09.2007 (3)
  14. Bitte um Logfile-Auswertung - Pc Langsam
    Log-Analyse und Auswertung - 21.04.2007 (7)
  15. HiJackThis LogFile, Browser langsam
    Log-Analyse und Auswertung - 08.01.2007 (3)
  16. Mein Logfile... I-Net zu langsam, PC Bootet neu
    Log-Analyse und Auswertung - 09.12.2005 (12)
  17. Logfile - Pc langsam
    Log-Analyse und Auswertung - 24.05.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile - Erstmal danke für die schnelle antwort :-) Hier siond die drei Logs. Malwarebytes' Anti-Malware 1.46 Malwarebytes Datenbank Version: 4101 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 14.05.2010 20:39:45 mbam-log-2010-05-14 - PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile...
Archiv
Du betrachtest: PC langsam\Gnabtray.exe?\CCUTRAYICON? +logfile auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131