|
Alles rund um Windows: Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okayWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
15.02.2011, 17:41 | #1 |
| Problem: Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay Hallo, seht mir bitte nach, wenn der Titel des Beitrags des etwas komisch klingt. Ich wusste es nicht besser auszudrücken. Das Problem: Ich habe in meinem Heimnetzwerk 3 PCs und 2 Notebooks im Einsatz. Bei genau einem Rechner ist die Internetverbindung jedoch sehr langsam, bei allen anderen Rechnern ist sie der DSL 2000 Leitung entsprechend auf dem Maximum. Der betroffene, langsame Rechner hat Windows 7 64bit installiert, die anderen Rechner haben 2 x Windows 7, 1x Windows XP SP2 und einmal Windows Vista. Was habe ich bisher gemacht: Mein Hauptarbeitsrechner ist beim Zugriff auf das Internet sehr langsam. Ich habe nun diverse Geschwindigkeitstests durchgeführt, um das "objektiv" zu überprüfen, z. B. w*w.speedmeter.de oder w*w.internetgeschwindigkeit.net. Alle kommen zu dem Ergebnis, dass der langsame Rechner nur etwa 1 mbit Download Geschwindigkeit hat und alle anderen Rechner ungefähr die vollen 2 mbit. Die Tests habe ich mehrmals druchgeführt auch zu unterschiedlichen Zeiten. Das Resultat war das Selbe. Nach längerer Suche im Internet bin ich bisher über keine Lösung gestolpert, die das Problem behebt. Könnte ein Schädling die Ursache sein, dass nur der eine Rechner langsam ist? Ach ja, der Rechner lief vor einigen Wochen noch völlig normal, d.h. Internet mit voller Geschwindigkeit. Wann genau der Internetzugriff langsam wurde, kann ich leider nicht mehr genau sagen. es wäre toll, wenn ihr ein paar Tipps habe und mir helfen könnt. Ich poste gleich die Logs aus Mbam und OTL. Danke webseal Geändert von webseal (15.02.2011 um 17:52 Uhr) |
15.02.2011, 17:45 | #2 |
| Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay Anleitung / Hilfe Ich habe die Anleitung für die Hilfesuchenden befolgt und folgende Logfiles erhalten:
__________________MBAM: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 5768 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.02.2011 17:14:14 mbam-log-2011-02-15 (17-14-14).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 163101 Laufzeit: 2 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
15.02.2011, 17:47 | #3 |
| Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay Details OTL.txtOTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 15.02.2011 17:16:20 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\ampersand\Desktop\MFTools 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 77,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): c:\pagefile.sys 8190 14000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 12,73 Gb Free Space | 13,04% Space Free | Partition Type: NTFS Drive D: | 244,14 Gb Total Space | 198,31 Gb Free Space | 81,23% Space Free | Partition Type: NTFS Drive E: | 244,14 Gb Total Space | 128,94 Gb Free Space | 52,81% Space Free | Partition Type: NTFS Drive F: | 345,56 Gb Total Space | 298,21 Gb Free Space | 86,30% Space Free | Partition Type: NTFS Computer Name: ZIGZAG4 | User Name: ampersand | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.15 16:56:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\ampersand\Desktop\MFTools\OTL.exe PRC - [2010.12.09 08:31:02 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.17 10:27:55 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010.08.02 16:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.06.17 21:56:44 | 000,370,176 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe PRC - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- E:\Xampp\Install\xampp\mysql\bin\mysqld.exe PRC - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- E:\Xampp\Install\xampp\apache\bin\httpd.exe PRC - [2007.09.03 17:13:54 | 000,081,920 | ---- | M] (FirebirdSQL Project) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe PRC - [2007.09.03 17:13:48 | 002,002,944 | ---- | M] (FirebirdSQL Project) -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe PRC - [2007.04.09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe ========== Modules (SafeList) ========== MOD - [2011.02.15 16:56:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\ampersand\Desktop\MFTools\OTL.exe MOD - [2011.01.14 12:12:08 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll MOD - [2010.12.21 06:34:12 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll MOD - [2010.11.17 14:30:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.12.29 07:55:34 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2009.07.14 02:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2009.07.14 02:16:19 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMASF.DLL MOD - [2009.07.14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2009.07.14 02:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2009.07.14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009.07.14 02:16:14 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shunimpl.dll MOD - [2009.07.14 02:16:12 | 002,504,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMVCORE.DLL MOD - [2009.07.14 02:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll MOD - [2009.07.14 02:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll MOD - [2009.07.14 02:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2009.07.14 02:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2009.07.14 02:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2009.07.14 02:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll MOD - [2009.07.14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll MOD - [2009.07.14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll MOD - [2009.07.14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2009.07.14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll MOD - [2009.07.14 02:14:57 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\audiodev.dll MOD - [2009.07.14 02:14:52 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcSpecfc.dll MOD - [2009.07.14 02:14:51 | 000,559,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2009.07.14 02:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2009.06.10 22:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.19 19:58:23 | 002,466,032 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:64bit: - [2009.07.28 16:10:48 | 000,088,888 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2011.01.07 16:12:24 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.12.09 08:31:02 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.08.02 16:09:38 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- E:\Xampp\Install\xampp\mysql\bin\mysqld.exe -- (MySQL) SRV - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- E:\Xampp\Install\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.09.03 17:13:54 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2007.09.03 17:13:48 | 002,002,944 | ---- | M] (FirebirdSQL Project) [On_Demand | Running] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe -- (FirebirdServerDefaultInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.11.26 08:34:49 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.08.02 16:09:46 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010.04.03 10:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007.04.12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL) DRV:64bit: - [2007.04.10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2007.04.10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k) DRV:64bit: - [2007.04.10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k) DRV:64bit: - [2007.04.10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k) DRV:64bit: - [2007.04.10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2007.04.10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2007.04.10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2007.04.10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2007.04.10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV:64bit: - [2007.04.10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV:64bit: - [2007.04.10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL) DRV:64bit: - [2007.04.10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV:64bit: - [2007.04.10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV:64bit: - [2007.04.10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV:64bit: - [2007.04.10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL) DRV:64bit: - [2007.04.10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV:64bit: - [2007.04.10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV:64bit: - [2007.04.10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL) DRV:64bit: - [2007.04.10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL) DRV - [2009.04.23 11:02:20 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig?hl=de&ie=UTF-8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.01 17:49:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.10 09:07:06 | 000,000,000 | ---D | M] [2011.02.01 17:52:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ampersand\AppData\Roaming\mozilla\Extensions [2010.11.17 09:55:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ampersand\AppData\Roaming\mozilla\Firefox\Profiles\h7liqix6.default\extensions [2010.11.17 09:55:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ampersand\AppData\Roaming\mozilla\Firefox\Profiles\h7liqix6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.02.01 17:48:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [AsioReg] File not found O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~3\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~3\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~3\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: sports-premium-service.de ([fck] https in Vertrauenswürdige Sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - Reg Error: Key error. File not found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~3\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll () O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.12.11 16:00:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2010 Zahlungserinnerung.lnk - C:\PROGRA~3\Lexware\Quicken\2010\billmind.exe - (Lexware GmbH & Co. KG) MsConfig:64bit - StartUpFolder: C:^Users^ampersand^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FogBugz Screenshot.lnk - C:\PROGRA~3\FogBugz\SCREEN~1\SCREEN~1.EXE - (Fog Creek Software) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AsioThk32Reg - hkey= - key= - C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: FogBugz Screenshot Tool - hkey= - key= - C:\Program Files (x86)\FogBugz\Screenshot\screenshot.exe (Fog Creek Software) MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= - e:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) MsConfig:64bit - StartUpReg: LexwareInfoService - hkey= - key= - C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG) MsConfig:64bit - StartUpReg: Samsung PanelMgr - hkey= - key= - C:\Windows\Samsung\PanelMgr\ssmmgr.exe () MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.02.15 17:10:43 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011.02.15 17:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2011.02.15 16:49:03 | 000,000,000 | ---D | C] -- C:\Users\ampersand\Desktop\MFTools [2011.02.15 16:11:13 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011.02.15 16:05:27 | 000,000,000 | ---D | C] -- C:\Users\ampersand\AppData\Roaming\Malwarebytes [2011.02.15 16:05:22 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.02.15 16:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.02.15 16:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.02.15 16:05:18 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.02.06 00:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2011.02.04 15:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers [2011.02.04 15:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdate [2011.02.04 15:13:49 | 000,000,000 | ---D | C] -- C:\Windows\Samsung [2011.02.04 15:13:15 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\ssd2cci.exe [2011.02.04 15:13:15 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\ssd2cci.dll [2011.02.04 15:12:53 | 000,074,240 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\ssdevm64.dll [2011.02.04 15:12:53 | 000,047,104 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\ssusbp64.dll [2011.02.04 15:12:49 | 000,081,920 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssdevm.dll [2011.02.04 15:12:49 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssusbpn.dll [2011.02.04 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung [2011.02.04 15:07:22 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\drivers\SSPORT.SYS [2011.02.01 17:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.02.01 17:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.01.19 14:44:45 | 000,000,000 | ---D | C] -- C:\Users\ampersand\Documents\IISExpress [2011.01.19 14:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS Express [2011.01.19 10:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions [2011.01.19 10:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WCF RIA Services V1.0 SP1 Beta [2011.01.19 10:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK [2011.01.19 10:28:36 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2011.01.19 08:27:47 | 000,000,000 | ---D | C] -- C:\Windows\VS [2007.04.09 12:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll ========== Files - Modified Within 30 Days ========== [2011.02.15 17:14:03 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.15 17:14:03 | 000,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.15 17:09:45 | 000,000,641 | ---- | M] () -- C:\Users\ampersand\Desktop\NTREGOPT.lnk [2011.02.15 17:09:45 | 000,000,628 | ---- | M] () -- C:\Users\ampersand\Desktop\ERUNT.lnk [2011.02.15 17:06:51 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.02.15 17:06:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.15 17:06:32 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys [2011.02.15 17:06:32 | 000,034,240 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2011.02.15 17:06:32 | 000,034,240 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2011.02.15 17:06:32 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2011.02.15 17:06:32 | 000,030,528 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2011.02.15 17:06:32 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000003-00001102-00000004-20021102}.rfx [2011.02.15 16:47:54 | 000,472,080 | ---- | M] () -- C:\Users\ampersand\Desktop\Load.exe [2011.02.15 16:32:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.02.15 16:05:22 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.10 17:19:32 | 000,430,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.02.09 10:36:46 | 000,001,361 | ---- | M] () -- C:\Users\ampersand\Desktop\RL Kundenliste.xls.lnk [2011.02.07 13:02:57 | 000,017,149 | ---- | M] () -- C:\Users\ampersand\Desktop\hoefler2.pdf [2011.02.07 13:02:28 | 000,017,228 | ---- | M] () -- C:\Users\ampersand\Desktop\hoefler1.pdf [2011.02.07 13:02:14 | 000,017,228 | ---- | M] () -- C:\Users\ampersand\Desktop\hoefler1.php [2011.02.02 10:42:59 | 000,169,628 | ---- | M] () -- C:\Users\ampersand\Desktop\Signalplan.pdf [2011.01.30 15:47:21 | 000,171,398 | ---- | M] () -- C:\Users\ampersand\Documents\uploads.wtf [2011.01.24 14:21:43 | 000,344,633 | ---- | M] () -- C:\Users\ampersand\Desktop\24.02.png [2011.01.24 14:21:36 | 000,556,667 | ---- | M] () -- C:\Users\ampersand\Desktop\24.01.png [2011.01.24 13:58:00 | 000,001,513 | ---- | M] () -- C:\Users\ampersand\Desktop\hybrid-news - Verknüpfung.lnk [2011.01.21 15:50:18 | 000,000,043 | ---- | M] () -- C:\Users\ampersand\AppData\Roaming\TheHunterSettings_live.cfg [2011.01.19 10:52:57 | 001,811,042 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.01.19 10:52:57 | 000,775,276 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.01.19 10:52:57 | 000,729,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.01.19 10:52:57 | 000,177,990 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.01.19 10:52:57 | 000,150,588 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.01.19 10:52:49 | 001,811,042 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.01.18 09:05:57 | 000,001,101 | ---- | M] () -- C:\Users\ampersand\Desktop\RL - Verknüpfung.lnk ========== Files Created - No Company Name ========== [2011.02.15 17:09:45 | 000,000,641 | ---- | C] () -- C:\Users\ampersand\Desktop\NTREGOPT.lnk [2011.02.15 17:09:45 | 000,000,628 | ---- | C] () -- C:\Users\ampersand\Desktop\ERUNT.lnk [2011.02.15 16:54:56 | 000,472,080 | ---- | C] () -- C:\Users\ampersand\Desktop\Load.exe [2011.02.15 16:05:22 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.02.09 10:36:46 | 000,001,361 | ---- | C] () -- C:\Users\ampersand\Desktop\RL Kundenliste.xls.lnk [2011.02.07 13:02:57 | 000,017,149 | ---- | C] () -- C:\Users\ampersand\Desktop\hoefler2.pdf [2011.02.07 13:02:28 | 000,017,228 | ---- | C] () -- C:\Users\ampersand\Desktop\hoefler1.pdf [2011.02.07 13:02:14 | 000,017,228 | ---- | C] () -- C:\Users\ampersand\Desktop\hoefler1.php [2011.02.04 15:13:50 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe [2011.02.04 15:13:35 | 000,027,648 | ---- | C] () -- C:\Windows\SysNative\ssd2cl6.dll [2011.02.04 15:13:35 | 000,000,357 | ---- | C] () -- C:\Windows\SysNative\ssd2cl6.smt [2011.02.04 15:11:52 | 000,133,757 | ---- | C] () -- C:\Windows\SmartCMS2.ico [2011.02.04 15:11:52 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico [2011.02.04 15:11:52 | 000,005,430 | ---- | C] () -- C:\Windows\AnyWeb Print.ico [2011.02.02 10:42:59 | 000,169,628 | ---- | C] () -- C:\Users\ampersand\Desktop\Signalplan.pdf [2011.01.30 15:47:15 | 000,171,398 | ---- | C] () -- C:\Users\ampersand\Documents\uploads.wtf [2011.01.24 14:05:06 | 000,556,667 | ---- | C] () -- C:\Users\ampersand\Desktop\24.01.png [2011.01.24 14:03:51 | 000,344,633 | ---- | C] () -- C:\Users\ampersand\Desktop\24.02.png [2011.01.24 13:58:00 | 000,001,513 | ---- | C] () -- C:\Users\ampersand\Desktop\hybrid-news - Verknüpfung.lnk [2011.01.18 09:05:57 | 000,001,101 | ---- | C] () -- C:\Users\ampersand\Desktop\RL - Verknüpfung.lnk [2010.12.22 14:33:27 | 000,003,273 | ---- | C] () -- C:\Windows\scenelib24.ini [2010.11.23 10:17:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.20 10:06:49 | 000,000,777 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.11.19 17:17:42 | 000,000,043 | ---- | C] () -- C:\Users\ampersand\AppData\Roaming\TheHunterSettings_live.cfg [2010.11.19 09:30:54 | 000,000,660 | ---- | C] () -- C:\Windows\ODBC.INI [2010.11.17 16:05:52 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\lpng.dll [2010.11.17 14:12:13 | 001,811,042 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.17 13:12:07 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.11.17 13:12:02 | 000,014,496 | ---- | C] () -- C:\Windows\HL-5240.INI [2010.11.17 13:12:02 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2010.11.17 13:12:02 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini [2010.11.17 13:12:02 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2010.11.17 13:11:12 | 000,000,091 | ---- | C] () -- C:\Windows\Brownie.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.02.02 20:10:14 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll [2009.02.02 20:08:36 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll [2009.02.02 20:08:22 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll [2007.04.12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\SysWow64\APOMgrH.dll [2007.04.09 12:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini [2007.04.09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2007.04.09 12:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CTBurst.dll [2006.10.02 09:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini [2005.06.16 10:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\SysWow64\ctmmactl.dll ========== LOP Check ========== [2010.11.17 13:18:25 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\AceBIT [2010.11.22 13:16:14 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\CodeRush for VS .NET [2010.11.18 09:34:10 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\DataDesign [2010.11.22 15:22:58 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\Eziriz [2010.12.08 11:42:15 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\FinalBuilder6 [2010.12.10 10:48:57 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\FRITZ! [2010.12.02 14:54:53 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\ISTool [2011.02.15 09:41:54 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\KeePass [2010.11.18 09:29:16 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\Lexware [2010.11.17 15:55:22 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\Subversion [2011.01.04 10:04:00 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\SuperMailer [2010.11.18 09:14:19 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\Trillian [2011.02.10 09:37:57 | 000,000,000 | ---D | M] -- C:\Users\ampersand\AppData\Roaming\WinTrack [2009.07.14 06:08:49 | 000,031,374 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.12.21 14:41:44 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2008.12.12 17:21:06 | 000,000,000 | ---D | M] -- C:\Advanced Wheel Mouse [2010.11.17 08:01:13 | 000,000,000 | -HSD | M] -- C:\Boot [2009.09.30 08:11:14 | 000,000,000 | ---D | M] -- C:\Company [2011.02.10 17:15:07 | 000,000,000 | ---D | M] -- C:\Config.Msi [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.05.05 08:02:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2008.12.11 17:17:37 | 000,000,000 | ---D | M] -- C:\Intel [2008.12.11 22:51:08 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.09.22 09:22:28 | 000,000,000 | ---D | M] -- C:\NVIDIA [2010.12.02 10:26:43 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.01.13 12:07:38 | 000,000,000 | R--D | M] -- C:\Programme [2011.02.06 00:14:39 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.02.15 16:05:21 | 000,000,000 | -H-D | M] -- C:\ProgramData [2010.11.18 10:59:22 | 000,000,000 | ---D | M] -- C:\Programme [2010.11.22 13:47:59 | 000,000,000 | R--D | M] -- C:\ProgrammeOld [2010.11.17 08:24:34 | 000,000,000 | -HSD | M] -- C:\Recovery [2008.12.11 21:23:52 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2011.02.15 17:17:10 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.04.12 08:21:23 | 000,000,000 | ---D | M] -- C:\Temp [2010.11.17 09:56:34 | 000,000,000 | R--D | M] -- C:\Users [2011.02.15 17:10:43 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: USERINIT.EXE > [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > |
15.02.2011, 17:48 | #4 |
| Lösung: Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay Extras.txtOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.02.2011 17:16:20 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\ampersand\Desktop\MFTools 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 77,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): c:\pagefile.sys 8190 14000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 12,73 Gb Free Space | 13,04% Space Free | Partition Type: NTFS Drive D: | 244,14 Gb Total Space | 198,31 Gb Free Space | 81,23% Space Free | Partition Type: NTFS Drive E: | 244,14 Gb Total Space | 128,94 Gb Free Space | 52,81% Space Free | Partition Type: NTFS Drive F: | 345,56 Gb Total Space | 298,21 Gb Free Space | 86,30% Space Free | Partition Type: NTFS Computer Name: ZIGZAG4 | User Name: ampersand | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~3\MICROS~1\Office12\ONENOTE.EXE "%L" File not found Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~3\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64) "{0B4D413C-9E19-4087-AA21-D7BD1A9B3075}" = SQL Server 2008 R2 Common Files "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU "{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) "{236286C4-3C28-4275-9756-0013EB4D3423}" = SQL Server 2008 R2 Reporting Services "{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}" = SQL Server 2008 R2 Reporting Services "{24BB9353-944E-46BC-BBA8-B8F83E8DBB51}" = Microsoft SQL Server 2008 R2-Setup (Deutsch) "{2D5D9603-22CF-4B99-83F6-0CD20330F62E}" = FRITZ!DSL64 "{307BFD68-0886-47AD-B461-5607F63B8B42}" = Microsoft Web Platform Installer 3.0 "{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{440668AA-7524-40DB-966A-60BE535E1B3F}" = SQL Server 2008 R2 Database Engine Services "{45D7270A-B929-4D67-B176-ABC81161B8ED}" = SQL Server 2008 R2 Database Engine Shared "{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64) "{639673E9-D53F-44F4-A046-485C8A6ADA16}" = Paint.NET v3.5.6 "{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English "{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup "{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}" = SQL Server 2008 R2 Management Studio "{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) "{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64) "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E4B6E39-A0A8-4AFD-91C7-56421C194C29}" = TortoiseSVN 1.6.11.20210 (64 bit) "{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9DFA5914-C275-42E0-810E-C88E46A7F9EA}" = SQL Server 2008 R2 Full text search "{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared "{B02FC165-1CEC-339D-AF68-CB7E1AF4A6A5}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) "{b1238c5d-4913-438e-889b-dcbecea68228}.sdb" = FinalBuilder 6 Vista Compatibility "{BB57A765-FFFE-498B-8C1E-6C9CE2AB92BA}" = Microsoft SQL Server 2008 R2 RsFx Driver "{C66556CF-C671-36D6-BC9A-330FB2A6A007}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.31118 "{CB0FD760-C6C6-3AF6-AD18-FE3B3B78727D}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{CB95CD7D-FDCC-449A-86AE-67C257745A0B}" = Microsoft SQL Server 2008 R2 Native Client "{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{D49B01F1-79D6-4448-916E-152832EC3B64}" = SQL Server 2008 R2 Management Studio "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64) "{DF50821A-058F-319E-9AF9-9CC418C2E0A0}" = Microsoft Help Viewer 1.1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}" = Microsoft SQL Server VSS Writer "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 Database Engine Services "{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-Bit) "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-Bit) "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "Redirection Port Monitor" = RedMon - Redirection Port Monitor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ".NET Reactor" = .NET Reactor "{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK "{07A3A1C2-FC0D-3D8B-B667-19C4C48BC5D4}" = Microsoft Visual Studio 2010 SharePoint Developer Tools "{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4 "{08D605B4-DCD1-451F-ABD7-52E6BB868E4E}" = Microsoft Expression Design 4 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU "{1336F674-3182-320E-9874-30BD246E0251}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.31118 "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{159C8CD4-F780-49F7-B1A2-C12E85DCE959}_is1" = FinalBuilder 6.3.0.2172 "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition "{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23 "{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types "{2DDCCEA5-2AA4-4ABB-BCAD-41BB115A4333}" = Microsoft Silverlight 4 Toolkit April 2010 "{2F0DA0A1-281D-482D-A1DE-1DA443B6A430}" = Web Development Helper "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{32DC2E19-15E6-4AF6-B4FD-52C9CC3FF59A}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project "{3888A22E-1A9E-4DBE-A93B-42385141F37D}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools DEU "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4 "{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}" = Quicken 2010 - Servicepack 5 "{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects "{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken 2010 "{50ABF86D-0BDB-31AD-97FD-E8A55564EBF9}" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU "{51051697-1E8A-4634-A9D4-C485B8C4B163}" = PostKIT "{53AF9DC2-DA7A-43CE-82A8-F60ACAC851E9}" = Microsoft SharedView "{558358E5-E4F3-4374-BA1D-26FF39EF87D9}" = Microsoft Silverlight 4 Tools for Visual Studio 2010 "{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service "{59997DD7-9434-4D44-8DFA-26EB87DD96A1}" = WISE-FTP 6 "{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3 "{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1) "{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4 "{6217A68F-02FF-46DE-BD62-C646FD07EF2C}" = WCF RIA Services V1.0 SP1 Beta "{6732AE9F-CE1A-4DC7-A18D-A23CAA99724C}" = .NET Reactor "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6C35CAC7-27C9-4CB0-BBB8-CBF9994215DA}" = Lexware online banking "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{739CBBD2-CC1B-4D61-BD95-C3CB50A487BF}" = IntelliLock "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78033A38-50E2-4A65-823F-C1B34DF9FE41}" = Microsoft SQL Server 2008 R2-Richtlinien "{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}" = Quicken Import Export Server 2010 "{8343C2D8-09DF-38B3-9D1A-A26148918E45}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD113A8-811A-404E-A4D7-443D014946AC}" = Microsoft SQL Server Browser "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A4-0407-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003 "{946371A9-E29E-3CA2-997C-77B8056F0FF8}" = Microsoft Visual Studio 2010 Service Pack 1 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4 "{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9E12684-DD23-4D11-ACAF-6041954BCA00}_is1" = ISTool 5.3.0.1 "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch "{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU "{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec "{CA206913-EE9F-495F-AD43-032E5833EE13}" = AnkhSVN 2.1.8420.8 "{CC12DCBF-D85B-45B1-9366-8C3F708B362E}" = DDBAC "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{DCFC2E2D-E4D0-4BEC-8031-A5AB3777663E}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung "{ECA50B39-24CE-4DF2-9580-363CDA54C204}" = Brother HL-5240 "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{FF5E5774-5EA2-4357-AC88-88E0CABA38AA}" = IIS 7.5 Express "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Blend_4.0.20525.0" = Microsoft Expression Blend 4 "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX "CameraWindowLauncher" = Canon Utilities CameraWindow "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Design_7.0.20516.0" = Microsoft Expression Design 4 "DevExpress 2010.2 Components" = DevExpress 2010.2 Components "DevExpress 2010.2 IDETools" = DevExpress 2010.2 IDETools "Encoder_4.0.1639.0" = Microsoft Expression Encoder 4 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EOS Utility" = Canon Utilities EOS Utility "ERUNT_is1" = ERUNT 1.1j "ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4 "FBDBServer_2_0_is1" = Firebird 2.0.3 "FogBugz Screenshot_is1" = FogBugz Screenshot "FreePDF_XP" = FreePDF (Remove only) "GPL Ghostscript 9.00" = GPL Ghostscript 9.00 "Inno Setup 5_is1" = Inno Setup QuickStart Pack version 5.2.3 "Inno Setup Script Includes_is1" = ISSI Version 5.1.9.0 "InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}" = Quicken Deluxe 2010 "InstallShield_{51051697-1E8A-4634-A9D4-C485B8C4B163}" = PostKIT "InstallShield_{6B386834-004A-40E4-91E0-42ED28E8CC0B}" = PostKIT "IntelliLock" = IntelliLock "KeePassPasswordSafe2_is1" = KeePass Password Safe 2.13 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1 "Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU" = Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU "Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1 "Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MyCamera" = Canon Utilities MyCamera "NLog" = NLog - Advanced .NET Logging - v1.0-Refresh "PhotoStitch" = Canon Utilities PhotoStitch "Picture Style Editor" = Canon Utilities Picture Style Editor "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX "Samsung CLP-620 Series" = Wartung Samsung CLP-620 Series "SuperMailer_is1" = SuperMailer 5.40 "theHunter" = theHunter (remove only) "Time And Business 2011_is1" = Time & Business 2011 11.0.1.2 "Trillian" = Trillian "vShare" = vShare Plugin "WANdiscoSubversion" = WANdisco Subversion 1.6.15-1 (remove only) "Web_4.0.1165.0" = Microsoft Expression Web 4 "wintrack6_is1" = WinTrack Version 10.0 3D "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "202910120.www.microsoft.com" = Contacts "2730750066.localhost" = TabLive Application ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 08.02.2011 12:52:42 | Computer Name = ZIGZAG4 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: devenv.exe, Version: 10.0.31118.1, Zeitstempel: 0x4ce50c95 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000b727 ID des fehlerhaften Prozesses: 0x1418 Startzeit der fehlerhaften Anwendung: 0x01cbc7aa89fca116 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: d7902fcb-33a3-11e0-b957-0018380281b0 Error - 09.02.2011 14:14:28 | Computer Name = ZIGZAG4 | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Eine Zertifikatkette zu einer vertrauenswürdigen Stammzertifizierungsstelle konnte nicht aufgebaut werden. . Error - 10.02.2011 06:22:05 | Computer Name = ZIGZAG4 | Source = ASP.NET 4.0.30319.0 | ID = 1325 Description = An unhandled exception occurred and the process was terminated. Application ID: DefaultDomain Process ID: 6096 Exception: System.Runtime.InteropServices.InvalidComObjectException Message: Ein COM-Objekt, das vom zugrunde liegenden RCW getrennt wurde, kann nicht verwendet werden. StackTrace: bei System.StubHelpers.StubHelpers.GetCOMIPFromRCW(Object objSrc, IntPtr pCPCMD, Boolean& pfNeedsRelease) bei Microsoft.VisualStudio.Shell.Interop.IVsUIObject.get_Data(Object& pVar) bei Microsoft.Internal.VisualStudio.PlatformUI.Utilities.GetObjectData(IVsUIObject obj) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.CommandBars.CommandBarRootDataSource.Dispose(Boolean disposing) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose() bei Microsoft.VisualStudio.PlatformUI.Automation.ControlCustomizer.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.Automation.CommandBarControl.DisposeManagedResources() bei Microsoft.VisualStudio.PlatformUI.Automation.CommandBarControl.Disconnect(IVsUISimpleDataSource pSource) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.<DisconnectEventSubscribers>b__6(UInt32 cookie, IVsUIDataSourcePropertyChangeEvents subscriber) bei Microsoft.Internal.VisualStudio.PlatformUI.CookieTable`3.ForEach(CookieTableCallback`2 callback, Boolean skipRemoved) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.DisconnectEventSubscribers() bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.CommandBars.CommandBarRootDataSource.Dispose(Boolean disposing) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Finalize() Error - 10.02.2011 06:22:05 | Computer Name = ZIGZAG4 | Source = .NET Runtime | ID = 1026 Description = Error - 10.02.2011 06:22:06 | Computer Name = ZIGZAG4 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: devenv.exe, Version: 10.0.31118.1, Zeitstempel: 0x4ce50c95 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000b727 ID des fehlerhaften Prozesses: 0x17d0 Startzeit der fehlerhaften Anwendung: 0x01cbc8f684df897f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 9bd5de68-34ff-11e0-a0eb-0018380281b0 Error - 11.02.2011 05:33:41 | Computer Name = ZIGZAG4 | Source = ASP.NET 4.0.30319.0 | ID = 1325 Description = An unhandled exception occurred and the process was terminated. Application ID: DefaultDomain Process ID: 1432 Exception: System.Runtime.InteropServices.InvalidComObjectException Message: Ein COM-Objekt, das vom zugrunde liegenden RCW getrennt wurde, kann nicht verwendet werden. StackTrace: bei System.StubHelpers.StubHelpers.GetCOMIPFromRCW(Object objSrc, IntPtr pCPCMD, Boolean& pfNeedsRelease) bei Microsoft.VisualStudio.Shell.Interop.IVsUIObject.get_Data(Object& pVar) bei Microsoft.Internal.VisualStudio.PlatformUI.Utilities.GetObjectData(IVsUIObject obj) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.CommandBars.CommandBarRootDataSource.Dispose(Boolean disposing) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose() bei Microsoft.VisualStudio.PlatformUI.Automation.ControlCustomizer.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.Automation.CommandBarControl.DisposeManagedResources() bei Microsoft.VisualStudio.PlatformUI.Automation.CommandBarControl.Disconnect(IVsUISimpleDataSource pSource) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.<DisconnectEventSubscribers>b__6(UInt32 cookie, IVsUIDataSourcePropertyChangeEvents subscriber) bei Microsoft.Internal.VisualStudio.PlatformUI.CookieTable`3.ForEach(CookieTableCallback`2 callback, Boolean skipRemoved) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.DisconnectEventSubscribers() bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Dispose(Boolean disposing) bei Microsoft.VisualStudio.PlatformUI.CommandBars.CommandBarRootDataSource.Dispose(Boolean disposing) bei Microsoft.Internal.VisualStudio.PlatformUI.DataSource.Finalize() Error - 11.02.2011 05:33:41 | Computer Name = ZIGZAG4 | Source = .NET Runtime | ID = 1026 Description = Error - 11.02.2011 05:33:41 | Computer Name = ZIGZAG4 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: devenv.exe, Version: 10.0.31118.1, Zeitstempel: 0x4ce50c95 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000b727 ID des fehlerhaften Prozesses: 0x598 Startzeit der fehlerhaften Anwendung: 0x01cbc9bd8b85504a Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\devenv.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 029c5ae6-35c2-11e0-a1ed-0018380281b0 Error - 15.02.2011 10:07:18 | Computer Name = ZIGZAG4 | Source = .NET Runtime | ID = 1026 Description = Error - 15.02.2011 10:07:19 | Computer Name = ZIGZAG4 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Blend.exe, Version: 4.0.20525.0, Zeitstempel: 0x4bfc7d45 Name des fehlerhaften Moduls: Microsoft.Expression.DesignSurface.ni.dll, Version: 4.0.20525.0, Zeitstempel: 0x4bfc7d2e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0065d9f5 ID des fehlerhaften Prozesses: 0x1754 Startzeit der fehlerhaften Anwendung: 0x01cbcd12e48cc6f7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Expression\Blend 4\Blend.exe Pfad des fehlerhaften Moduls: C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Expressio#\dbd56e5842c818ecba607034f08c670b\Microsoft.Expression.DesignSurface.ni.dll Berichtskennung: e63d71dc-390c-11e0-bd9a-0018380281b0 [ OSession Events ] Error - 05.01.2011 04:30:50 | Computer Name = ZIGZAG4 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash. Error - 19.01.2011 06:26:57 | Computer Name = ZIGZAG4 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6546.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1454 seconds with 540 seconds of active time. This session ended with a crash. Error - 21.01.2011 10:07:07 | Computer Name = ZIGZAG4 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7248 seconds with 660 seconds of active time. This session ended with a crash. Error - 01.02.2011 03:48:37 | Computer Name = ZIGZAG4 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 14.02.2011 17:41:36 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler beendet: %%1. Error - 15.02.2011 02:32:18 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 15.02.2011 02:32:27 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 15.02.2011 08:06:55 | Computer Name = ZIGZAG4 | Source = DCOM | ID = 10009 Description = Error - 15.02.2011 08:07:02 | Computer Name = ZIGZAG4 | Source = DCOM | ID = 10009 Description = Error - 15.02.2011 10:28:30 | Computer Name = ZIGZAG4 | Source = DCOM | ID = 10009 Description = Error - 15.02.2011 10:28:37 | Computer Name = ZIGZAG4 | Source = DCOM | ID = 10009 Description = Error - 15.02.2011 12:06:21 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Apache2.2" wurde mit folgendem dienstspezifischem Fehler beendet: %%1. Error - 15.02.2011 12:06:42 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 15.02.2011 12:06:55 | Computer Name = ZIGZAG4 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > |
18.02.2011, 18:50 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Wie Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay Hallo, Zitat:
Ggf. auch mal mit diesem Tool drübergehen => http://www.chip.de/downloads/SG-TCP-..._31296373.html Hatte das bei Win7 zwar nicht nicht erlebt, dass die bandbreite beschränkt war, aber man weiß ja nie
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Ein Rechner im Netzwerk hat langsame Internetverbindung, andere Rechner sind okay |
anderen, besser, diverse, download, dsl, ergebnis, installiert, internetverbindung, langsam, lösung, mbam, netzwerk, pcs, problem, rechner, rechner langsam, schädling, sehr langsam, sp2, suche, tipps, verbindung, windows, windows 7, windows 7 64bit, windows xp, zugriff |