| |
| |||||||
Log-Analyse und Auswertung: Ich werde Rogue Residue nicht los!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
01.06.2011, 18:42
| #1 |
| |  Ich werde Rogue Residue nicht los! Hallo, Ich bin wirklich sehr mies in Computer Sachen. Seid bitte so gut und erklärt mir alles leicht verständlich. Ich habe diesen Trojaner, Virus oder was auch immer mit Malwarebytes gefunden und werde ihn nun nicht mehr los. Ich kann ihn zwar damit entfernen aber er ist schneller wieder da als ich gucken kann. Mein PC ist dadurch sehr langsam geworden und ich bekomme ständig Werbe pop ups. Jetzt habe ich wie beschrieben diesen defogger installiert und auf disable geklickt. Er hat mich aber nicht zum Neustart aufgefordert. Ich habe nun folgende log Datei auf meinem Desktop defogger_disable by jpshortstuff (23.02.10.1) Log created at 19:08 on 01/06/2011 (Susanne) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Also nicht wirklich viel und nicht sehr hilfreich. Dann habe ich dieses OTL installiert und dann folgende Dateien erhalten:OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.06.2011 10:41:33 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\****\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 46,90% Memory free 4,23 Gb Paging File | 2,59 Gb Available in Paging File | 61,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 99,18 Gb Total Space | 20,45 Gb Free Space | 20,62% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 6,09 Gb Free Space | 60,92% Space Free | Partition Type: NTFS Computer Name: LAPTOP-**** | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.01 10:39:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe PRC - [2011.05.10 08:39:47 | 012,594,352 | ---- | M] (Mozilla Messaging) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe PRC - [2011.04.30 21:23:30 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.04.04 20:06:39 | 000,622,592 | ---- | M] (arrendador) -- C:\Users\****\AppData\Local\idehjefi.exe PRC - [2011.03.30 19:49:44 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe PRC - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe PRC - [2011.03.17 17:27:10 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.02.01 13:13:22 | 000,223,912 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avnotify.exe PRC - [2010.11.05 10:47:47 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.03.06 22:38:28 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007.03.06 22:37:30 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe ========== Modules (SafeList) ========== MOD - [2011.06.01 10:39:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (stllssvr) SRV - [2011.04.30 21:23:30 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.30 19:48:00 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.03.30 19:45:32 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2011.03.17 17:27:10 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.05.07 14:36:10 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2008.10.24 15:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.03.19 14:44:44 | 000,070,656 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2007.03.06 22:38:28 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Programme\MSI\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - [2011.03.17 17:27:13 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010.11.24 19:58:52 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.07.26 13:24:46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010.07.26 13:24:42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009.06.03 00:57:34 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.07.26 16:26:22 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008.07.26 16:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV - [2007.08.29 07:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx) DRV - [2007.08.29 07:54:56 | 000,235,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev) DRV - [2007.05.18 07:09:28 | 007,111,840 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007.03.06 22:38:52 | 000,323,584 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007.02.25 14:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv) DRV - [2006.11.27 09:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2006.11.27 09:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006.11.27 09:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2006.11.21 14:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2006.10.05 19:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Programme\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006.08.05 02:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\afc.sys -- (Afc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=1071030 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=1071030 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig" FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: foxfilter@inspiredeffect.net:7.6.2 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.27 11:21:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.01.02 17:53:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.22 17:06:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 22:04:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.05.10 08:39:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.01.02 17:53:17 | 000,000,000 | ---D | M] [2010.09.13 22:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2010.09.13 22:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2008.12.25 11:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011.05.27 08:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ylxh6k4q.default\extensions [2011.03.17 21:38:25 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ylxh6k4q.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d} [2010.06.15 00:39:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ylxh6k4q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.17 21:36:32 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ylxh6k4q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011.03.17 21:38:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\ylxh6k4q.default\extensions\personas@christopher.beard [2008.01.05 12:47:08 | 000,001,878 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ylxh6k4q.default\searchplugins\aolsearch.xml [2011.05.22 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.08.03 05:19:58 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011.02.21 19:28:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2007.11.07 01:22:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [2007.11.15 23:49:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [2008.04.02 00:57:38 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [2009.06.10 11:54:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [2011.02.21 19:28:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.12.27 11:21:35 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YLXH6K4Q.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YLXH6K4Q.DEFAULT\EXTENSIONS\FOXFILTER@INSPIREDEFFECT.NET.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2008.09.15 11:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npsnapfish.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [idehjefi] c:\users\****\appdata\local\idehjefi.exe (arrendador) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O27 - HKLM IFEO\bttray.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dsagnt.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dsbrws.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dshelp.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\install_flash_player.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\javaw.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\javaws.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\lxupdatemanager.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\presentationhost.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\quickset.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\tomtomhome.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\uninstall tomtom home.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0f81276d-d493-11de-a4d4-001dd9e56694}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe log.vbs O33 - MountPoints2\{d9f710ca-ce10-11dd-9ca8-001c23a7ae12}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.06.01 10:39:21 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2011.05.25 15:41:44 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\Steuerfälle [2011.05.25 15:41:44 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\AAV [2011.05.25 15:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps [2011.05.25 15:30:21 | 000,000,000 | ---D | C] -- C:\Programme\Akademische Arbeitsgemeinschaft [2011.05.25 15:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV [2011.05.22 17:37:59 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes [2011.05.22 17:37:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.22 17:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.22 17:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.22 17:37:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.05.22 17:37:46 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.04 20:06:39 | 000,622,592 | ---- | C] (arrendador) -- C:\Users\****\AppData\Local\idehjefi.exe [2 C:\Users\****\*.tmp files -> C:\Users\****\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.01 10:46:27 | 000,003,741 | ---- | M] () -- C:\Users\****\AppData\Local\idehjefi.dat [2011.06.01 10:46:26 | 000,004,659 | ---- | M] () -- C:\Users\****\AppData\Local\idehjefi_navps.dat [2011.06.01 10:43:49 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{613B0433-1B55-4AF8-B6DE-D6398B0420D2}.job [2011.06.01 10:39:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe [2011.06.01 10:17:49 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.01 10:17:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.01 10:17:39 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.01 10:17:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.31 22:13:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.05.31 21:19:21 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.05.30 12:32:22 | 000,130,048 | ---- | M] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.30 12:18:00 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.30 12:18:00 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.30 12:18:00 | 000,129,652 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.30 12:18:00 | 000,107,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.28 11:42:11 | 000,148,317 | ---- | M] () -- C:\Users\****\AppData\Roaming\nvModes.001 [2011.05.28 11:41:30 | 000,000,093 | ---- | M] () -- C:\Users\****\AppData\Local\ekkik.bat [2011.05.28 10:34:15 | 2145,583,104 | -HS- | M] () -- C:\hiberfil.sys [2011.05.28 00:17:37 | 000,005,332 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.05.26 16:11:25 | 000,239,846 | ---- | M] () -- C:\Users\****\AppData\Local\idehjefi_nav.dat [2011.05.25 15:33:33 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar-Erklärung 2011.lnk [2011.05.22 17:37:52 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.22 17:06:51 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.21 15:05:56 | 000,002,445 | ---- | M] () -- C:\Users\****\Desktop\Nero - Burning Rom.lnk [2 C:\Users\****\*.tmp files -> C:\Users\****\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.25 15:33:33 | 000,002,104 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Spar-Erklärung 2011.lnk [2011.05.22 17:37:52 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.22 17:06:51 | 000,000,868 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.05.22 17:06:51 | 000,000,856 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.04.04 20:06:40 | 000,239,846 | ---- | C] () -- C:\Users\****\AppData\Local\idehjefi_nav.dat [2011.04.04 20:06:40 | 000,004,645 | ---- | C] () -- C:\Users\****\AppData\Local\idehjefi_navps.dat [2011.04.04 20:06:40 | 000,003,559 | ---- | C] () -- C:\Users\****\AppData\Local\idehjefi.dat [2011.02.18 22:54:55 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2010.04.04 03:02:55 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.03.29 15:00:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.03.29 15:00:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.07.09 21:27:56 | 000,000,093 | ---- | C] () -- C:\Users\****\AppData\Local\ekkik.bat [2009.07.03 20:07:48 | 000,490,539 | ---- | C] () -- C:\Users\****\AppData\Roaming\mdbu.bin [2009.04.11 21:28:48 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2008.07.26 15:42:52 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2008.05.16 16:54:42 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini [2008.04.21 13:14:23 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.04.21 13:12:52 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin [2008.02.08 19:25:02 | 000,007,592 | ---- | C] () -- C:\Users\****\AppData\Local\d3d9caps.dat [2008.02.07 19:58:59 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2008.01.23 23:36:42 | 000,000,552 | ---- | C] () -- C:\Users\****\AppData\Local\d3d8caps.dat [2007.12.10 21:06:42 | 000,024,206 | ---- | C] () -- C:\Users\****\AppData\Roaming\UserTile.png [2007.11.29 19:42:32 | 000,000,000 | ---- | C] () -- C:\Users\****\AppData\Roaming\wklnhst.dat [2007.11.05 19:47:05 | 000,130,048 | ---- | C] () -- C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.11.05 16:55:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2007.11.05 12:49:56 | 000,148,317 | ---- | C] () -- C:\Users\****\AppData\Roaming\nvModes.001 [2007.11.05 12:36:30 | 000,148,317 | ---- | C] () -- C:\Users\****\AppData\Roaming\nvModes.dat [2007.10.30 08:07:46 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2007.10.30 08:07:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.10.30 00:26:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2007.10.30 00:26:40 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE [2007.10.30 00:23:15 | 000,006,656 | ---- | C] () -- C:\Windows\System32\stacutil.dll [2007.10.30 00:13:31 | 000,005,332 | ---- | C] () -- C:\Windows\bthservsdp.dat [2006.11.15 20:30:32 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006.11.03 19:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.11.02 17:33:31 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,129,652 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,308,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,107,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.11.14 14:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2011.02.10 14:55:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Amazon [2009.03.23 23:38:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\AVG7 [2010.05.18 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Canon [2010.02.19 01:58:51 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DeepBurner [2009.03.02 20:48:12 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech [2010.03.28 21:58:23 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Lexware [2011.01.02 18:54:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nokia [2011.01.02 18:54:07 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nokia Ovi Suite [2009.09.24 10:07:01 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Nseries [2008.12.30 23:50:02 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Pavtube [2011.01.24 19:08:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PC Suite [2009.03.02 01:24:25 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PeerNetworking [2011.03.27 15:30:48 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\PlayFirst [2009.06.16 17:52:05 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Snapfish [2007.11.29 19:42:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Template [2010.09.13 22:56:13 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird [2011.03.17 21:29:12 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Tobit [2008.12.25 11:29:45 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TomTom [2011.03.17 22:12:28 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TuneUp Software [2008.10.03 18:06:48 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Wimpomat2 [2011.01.02 15:02:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Zylom [2011.05.28 00:17:41 | 000,032,526 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.06.01 10:43:49 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{613B0433-1B55-4AF8-B6DE-D6398B0420D2}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2007.11.05 12:28:29 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.01.02 18:16:12 | 000,000,000 | ---D | M] -- C:\87f3b0a17c29a1ae72ec1961b223876d [2007.12.11 15:54:46 | 000,000,000 | ---D | M] -- C:\BlueByte [2011.03.18 00:31:31 | 000,000,000 | -HSD | M] -- C:\Boot [2011.05.25 15:34:21 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2007.11.05 12:48:32 | 000,000,000 | ---D | M] -- C:\DELL [2007.10.30 07:55:23 | 000,000,000 | ---D | M] -- C:\doctemp [2007.11.05 12:26:29 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2007.10.30 07:54:45 | 000,000,000 | ---D | M] -- C:\Drivers [2010.03.28 21:17:04 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.05.25 15:30:21 | 000,000,000 | R--D | M] -- C:\Programme [2011.05.25 15:27:22 | 000,000,000 | -H-D | M] -- C:\ProgramData [2007.11.05 12:26:29 | 000,000,000 | -HSD | M] -- C:\Programme [2011.06.01 10:43:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2008.12.30 23:50:12 | 000,000,000 | ---D | M] -- C:\Temp_DVDCopy [2007.11.05 12:27:02 | 000,000,000 | R--D | M] -- C:\Users [2007.12.10 18:28:49 | 000,000,000 | ---D | M] -- C:\VTF [2008.01.03 12:10:21 | 000,000,000 | ---D | M] -- C:\WESTWOOD [2011.03.18 00:28:29 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > [2011.04.04 20:06:39 | 000,622,592 | ---- | M] (arrendador) -- C:\Users\****\AppData\Local\idehjefi.exe < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2007.11.16 20:57:10 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2007.11.16 20:57:10 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: REGEDIT.EXE > [2008.01.19 09:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe [2008.01.19 09:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe [2006.11.02 11:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe < MD5 for: USERINIT.EXE > [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WININIT.EXE > [2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-31 12:19:12 < > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Studium:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Sonstiges:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Schule:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Ebay:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Dell Webcam Center:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\Documents\Bewerbungen:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 2.3 Installation Files:Roxio EMC Stream < End of report > und diese DateiOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.06.2011 10:41:33 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 46,90% Memory free
4,23 Gb Paging File | 2,59 Gb Available in Paging File | 61,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99,18 Gb Total Space | 20,45 Gb Free Space | 20,62% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,09 Gb Free Space | 60,92% Space Free | Partition Type: NTFS
Computer Name: LAPTOP-**** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07639B34-7061-48DC-8F3C-550BE44F2071}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{07CE405B-85FC-4699-AB01-9B9D2A3EB6A3}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{0B29C2BA-2F9E-4EF0-AE04-42C0736BE362}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BD15E7B-3ADA-4DE4-983E-F9C437E5DCE1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0DF79D94-72CD-4732-AAB7-C47311F1B454}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{17610C35-4CF9-4D64-80EC-0A3BE3F09390}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F816819-0C77-4083-8C0C-BC8C3B8C725B}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{21301956-E6B4-43EB-8058-76525615731B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2162540F-A81C-496F-A94C-CEB4CD99AEB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28ABE5F0-B3ED-4E75-992B-4EFF330A7846}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DF6265A-2AE1-45A0-B455-1E3D25398AEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A10C537-981B-40DB-BFDD-B91B0D9C2D0A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D0BA092-0567-42C7-A7CD-22896345D7A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EB77359-2F2C-4126-9663-7C5563BBDF3B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EDDEA6E-28BB-4E9D-969E-5BEB59F5856E}" = protocol=6 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{47FF4E45-7D27-4FB4-8767-CE0848096AD7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B6960C9-3E8E-470E-9642-799272EDFF8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4EB2D427-EEB4-4A5F-86B8-77FA17C4B403}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{514AE790-CEC6-4D18-B2E4-646A6656B84B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55FEA510-32C0-46E9-9CD0-393E8A10BC74}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{585A7FB7-F5BB-4241-9B2E-A61D02AAE035}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CFD4DD2-BCB7-4D8E-9FA3-08067382AF3E}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{5CFD7C7E-8C3B-4432-AF24-09CDDCEDB680}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6307336A-7FF9-4B27-9B5B-9B5EF82F7070}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{64BE05DC-7627-444D-8C35-AEDC03B8262F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CAB0E7F-0110-4E76-B7D7-5AB1A0BB1631}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7175641E-69A8-4044-B16C-D5A3BB104104}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7220E428-B782-42C1-8B36-23ACDDBD7AE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{735ECD6E-C869-4641-8132-65D94DF4FE20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D510AD2-8AF0-412B-9AA7-4F04EB3E84CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80D448EB-E27C-4313-AF1D-FA74138FCD33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80F97876-8597-4C0A-945C-5E332894AE76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81015848-1528-45C5-858F-F07BCA7A980A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83876290-256E-4D16-B237-B3F3D2905C2B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87398FB2-2190-4F74-A5D0-AA97F7623744}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{877915B4-E51E-4010-96F4-273C36BA1B5F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87BBA7D9-8860-466F-8948-819F2068E023}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{94E55B17-BCA0-47E6-9FB1-EC476AE7098F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F059040-B618-415F-8143-8B02D28772B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FE5EB6F-6CE2-4214-A8F4-0358B48D6CCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1F962E8-BB21-4825-9BAC-8A71D767656C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3A06ECC-1DCD-40DA-A8EB-BEED66945B8D}" = protocol=17 | dir=in | app=c:\program files\tobit clipinc\player\clipinc-player.exe |
"{A592F5E8-1F6D-46BB-9BBC-94FE7276BF00}" = protocol=6 | dir=in | app=c:\program files\tobit clipinc\server\clipinc-server.exe |
"{A5BC47FF-AAAD-4244-A25C-14E927C33954}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A7C2E478-9C24-42AB-8D5F-4F1986DCFE87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9F87D40-7AC3-496A-AC79-848AF416AED8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC7085BF-8EDC-41E0-BC7C-D8E38D051B7C}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{ADDAB433-1373-46D1-9D70-5F9D29C16477}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B141E996-F43D-4F65-9723-40DC453C2420}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE87DE54-685D-4532-A372-4802BB8992DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1CEA169-CC70-4375-81AB-569E95003352}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA7836C5-312D-4C3E-A13C-8EF0613E4C8A}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{D255D57C-4086-47C0-B57B-1925E3339D81}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D288C1C9-413B-47A4-95C7-77DEDA3A844C}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{D7260091-8BEE-4811-9F64-B5F0CF4DAEB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D743693E-8BE8-4874-A127-065A9AA82989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D88AE2E4-3AE1-4C23-9560-82F4554214EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA75401D-8A3F-4CB0-9635-A933B6D30F42}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7F5C3A4-9FE9-4397-9F78-4B9856CEECB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E9726281-A9E0-4A97-8208-48D9B2128BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EC4DCF34-7BBA-4DF9-BCC2-E7B240D3342B}" = protocol=17 | dir=in | app=c:\program files\vogel verlag\fahren lernen\vogel.fahrenlernenmax.exe |
"{EE3629BC-670E-4C6A-AA93-E00B0921B466}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2D7F576-4404-4A9B-ABD5-35DEEC3B2D88}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F542EC2C-EC71-42E4-8411-913AC47573DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{151F009F-32E5-468B-ADE0-740232C7EBC3}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"TCP Query User{4F798F1A-28F8-4E17-8CC6-FAF40ED5D385}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{6A70D6AE-1A37-4578-9104-C9F57ED13A43}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{8A043A59-3551-432D-95AE-13F74605BD6B}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{B2A4D547-D104-4B2E-B052-0692F88FBDE6}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{D2A4FBBB-90D5-49C3-BD12-0F79CABF6159}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DBDFAB5C-7D48-4736-B6DF-A5A25874D978}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{E19DF7D8-8701-48DE-B319-1208898B4997}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{6359272A-7BB9-48BB-8585-9BDE13121F6D}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{66B5868D-02A6-4558-AA0B-5ED829C1F9DD}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{7BBB2429-3332-4A80-BC10-257626692DC0}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe |
"UDP Query User{B5DEEC2A-F0D0-4F2A-A6D7-A3EA1385B85B}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{B692B845-17DB-4CE2-9E12-7896C389C4BC}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{D1C393D5-1E6F-45A6-96C5-C4413CEF274C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{DF00832B-31DA-4549-8B4B-FCF28944C9B0}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E60041FD-508D-4CEE-8544-24FAD484302D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01866A44-A697-4821-871F-1CB9F907E8DE}" = OpenOffice.org 2.3
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BD2FA21-B51D-4F01-94A7-AC16737B2163}" = Adobe Flash Player 10 ActiveX
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59624372-3B85-47f4-9B04-4911E551DF1E}" = Lexware Info Service
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Benutzerhandbuch
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EB6C056-02BB-453E-8448-EC90B9794180}" = Nokia Multimedia Common Components 2.4
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.6 - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DC432844-6914-4421-910C-F1B05B3A761C}" = Nokia Music
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E8C23EBE-EE3C-4299-9DB9-601AB3751454}" = AAVUpdateManager
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Assistant zum Anpassen des Dell-Systems
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CDex" = CDex extraction audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.03.02.0719)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"dm-Fotowelt" = dm-Fotowelt
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"fmdkiqh" = Favorit
"FujiDirekt_is1" = FujiDirekt 2.6
"Google Updater" = Google Updater
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MP Navigator 3.1" = Canon MP Navigator 3.1
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA Drivers" = NVIDIA Drivers
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Dell Touchpad
"Tikal" = Tikal (remove only)
"TomTom HOME" = TomTom HOME 2.7.4.1962
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 0.9.9
"Winamp" = Winamp
"WinRAR archiver" = WinRAR Archivierer
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 09.05.2011 16:00:17 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.05.2011 16:00:19 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 02:37:45 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 02:37:45 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 02:47:45 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 02:48:09 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 02:48:09 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.05.2011 16:00:08 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 11.05.2011 07:28:07 | Computer Name = Laptop-**** | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 13.05.2011 17:15:54 | Computer Name = Laptop-**** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 23.12.2010 10:24:23 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 23.12.2010 11:32:33 | Computer Name = Laptop-**** | Source = ehRecvr | ID = 3
Description =
Error - 07.03.2011 15:29:55 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 07.03.2011 18:02:13 | Computer Name = Laptop-**** | Source = ehRecvr | ID = 3
Description =
Error - 17.03.2011 14:20:40 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 25.03.2011 18:10:10 | Computer Name = Laptop-**** | Source = Recording | ID = 19
Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 03/25/2011 23:10:10
automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen.
Error - 13.04.2011 12:47:06 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 13
Description = Ereignisinformationen: Fehler beim Downloaden neuer TV-Programmdaten.
Überprüfen Sie die Internetverbindungseinstellungen. Wenn die Verbindung über einen
Firewall oder Proxyserver hergestellt wird, stellen Sie sicher, dass dieser ordnungsgemäß
konfiguriert ist. Prozess: DefaultDomain Objektname: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 02.05.2011 14:18:29 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 04.05.2011 14:43:55 | Computer Name = Laptop-**** | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.WaitForUploadComplete
failed. Please try to ping www.msn.com prior to filing a bug.; Win32 GetLastError
returned 10000109 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 22.05.2011 10:54:44 | Computer Name = Laptop-**** | Source = ehRecvr | ID = 3
Description =
[ System Events ]
Error - 27.05.2011 10:56:19 | Computer Name = Laptop-**** | Source = Print | ID = 6161
Description = Das Dokument KomprimierteSteuererklärung.pdf im Besitz von ****
konnte nicht auf dem Drucker Canon MP140 series Printer gedruckt werden. Versuchen
Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut.
Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes: 458752. Anzahl der gedruckten
Bytes: 110452. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten
Seiten: 0. Clientcomputer: \\LAPTOP-****. Vom Druckprozessor zurückgegebener
Win32-Fehlercode: 1. Unzulässige Funktion.
Error - 27.05.2011 10:58:04 | Computer Name = Laptop-**** | Source = Print | ID = 6161
Description = Das Dokument KomprimierteSteuererklärung.pdf im Besitz von ****
konnte nicht auf dem Drucker Canon MP140 series Printer gedruckt werden. Versuchen
Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut.
Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes: 458752. Anzahl der gedruckten
Bytes: 272320. Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten
Seiten: 0. Clientcomputer: \\LAPTOP-****. Vom Druckprozessor zurückgegebener
Win32-Fehlercode: 1. Unzulässige Funktion.
Error - 27.05.2011 16:08:01 | Computer Name = Laptop-**** | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 27.05.2011 17:50:28 | Computer Name = Laptop-**** | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 28.05.2011 04:34:38 | Computer Name = Laptop-**** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.21 für die Netzwerkkarte mit der Netzwerkadresse
001DD936D9A8 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 28.05.2011 17:42:21 | Computer Name = Laptop-**** | Source = Service Control Manager | ID = 7011
Description =
Error - 28.05.2011 17:42:21 | Computer Name = Laptop-**** | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 29.05.2011 08:17:14 | Computer Name = Laptop-**** | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 30.05.2011 15:27:17 | Computer Name = Laptop-**** | Source = Service Control Manager | ID = 7011
Description =
Error - 01.06.2011 04:17:34 | Computer Name = Laptop-**** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.21 für die Netzwerkkarte mit der Netzwerkadresse
001DD936D9A8 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
< End of report >
So das ist jetzt alles was ich mit meinem sehr ungesunden Halbwissen auf die Kette bekommen habe(und das auch nur mit Hilfe) Ich hoffe irgendeiner kann mir helfen damit mein geliebter PC wieder funktioniert. Ganz lieben Gruß sunny88 |
| Themen zu Ich werde Rogue Residue nicht los! |
| alternate, antivir, avira, bho, c:\windows\system32\rundll32.exe, computer, entfernen, error, excel, fehler, firefox, flash player, home, host.exe, iexplore.exe, install.exe, javaws.exe, langsam, logfile, mozilla, mozilla thunderbird, nicht gefunden, nvlddmkm.sys, oldtimer, plug-in, presentationhost.exe, prozess, registry, scan, searchplugins, security, sehr langsam, shell32.dll, software, start menu, starten, studio, trojaner, virus, vista, visual studio, wscript.exe |
Baum-Darstellung