Ist mein PC infiziert?
Da von meinem Email account Spam-Mails versendet wurden, würde ich gern meinen Pc durchchecken lassen.
Würde mich freuen, wenn ihr mir dabei helfen könntet. otl.txt Code:
OTL logfile created on: 28.04.2013 21:00:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uli Minor\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 44,49% Memory free
4,00 Gb Paging File | 2,61 Gb Available in Paging File | 65,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,76 Gb Total Space | 61,57 Gb Free Space | 44,05% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,32 Gb Free Space | 84,88% Space Free | Partition Type: NTFS
Drive F: | 7,73 Gb Total Space | 0,76 Gb Free Space | 9,83% Space Free | Partition Type: NTFS
Computer Name: ULIMINOR-PC | User Name: Uli Minor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Uli Minor\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\EPSON Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - C:\Programme\EPSON Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Programme\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Programme\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Pinnacle Systems)
PRC - C:\Programme\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\SMINST\Scheduler.exe ()
PRC - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.)
PRC - C:\Programme\FRITZ!DSL\StCenter.exe (AVM Berlin)
PRC - C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2589.34886__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2589.35106__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2589.34839__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2589.34900__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2589.35144__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2589.35129__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2589.34876__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2589.34898__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2589.34860__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2589.35011__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2589.35080__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2589.35177__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2589.35183__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2589.34854__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2589.35024__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2589.35114__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2589.35093__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2589.35169__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2589.35098__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2589.35090__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2589.35168__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2589.35137__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2589.35085__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2589.34915__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2589.35014__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2589.34863__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2589.35069__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2589.34923__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2589.34907__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2589.35045__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2589.35012__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2589.35020__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2589.35044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2589.34921__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2589.35066__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2537.29860__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2589.35019__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2560.25959__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2560.25964__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2560.25974__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2560.26001__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2560.26002__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2560.26010__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2560.25961__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2560.25971__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2560.26040__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2560.25973__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2560.25968__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2560.25997__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2531.19989__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2560.26001__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2560.25998__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2560.26000__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2560.25988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2560.26012__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2560.25999__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2560.25986__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2560.25982__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2560.25987__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2560.26001__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2560.25960__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2531.19989__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2560.25970__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2589.35208__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2589.34848__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2589.34870__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2589.35160__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2589.34837__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2589.35158__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2589.34838__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2560.25970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2560.25980__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2560.25964__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2560.26010__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2560.25982__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2560.25966__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2560.25981__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2560.26004__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2589.35160__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2589.34836__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Windows\System32\btwhidcs.dll ()
MOD - C:\Windows\SMINST\Scheduler.exe ()
MOD - C:\Windows\SMINST\naspp.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll ()
MOD - C:\Programme\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
========== Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service) -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe (Prolific Technology Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (WLSetupSvc) -- C:\Programme\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (Com4Qlb) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)
SRV - (ASBroker) -- C:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (hpqcxs08) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (hpqddsvc) -- C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ASChannel) -- C:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll (Cognizance Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (lxcj_device) -- C:\Windows\System32\lxcjcoms.exe ()
SRV - (de_serv) -- C:\Programme\Common Files\AVM\De_serv.exe (AVM Berlin)
SRV - (AVM IGD CTRL Service) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (mod7700) -- C:\Windows\System32\drivers\mod7700.sys (DiBcom SA)
DRV - (MODRC) -- C:\Windows\System32\drivers\modrc.sys (DiBcom S.A.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ATSWPDRV) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=none&bd=smb&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=none&bd=smb&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPNN_deDE308
IE - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CognizanceTS] C:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [] File not found
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [EPLTarget\P0000000000000002] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [MsgCmd] C:\ProgramData\MsgCmd\qvqjulmb.exe File not found
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [PMCRemote] File not found
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\RunOnce: [ST Recovery Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Uli Minor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\Uli Minor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O4 - Startup: C:\Users\Uli Minor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1339485197-3170389898-3667348218-1006\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3455A2CA-E268-4F19-8E76-1CF6C9E03181}: DhcpNameServer = 192.168.1.250
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7A368FD-8FC8-4C84-95E5-9E7D3D6DA451}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Uli Minor\pool bei Nacht\DSC_0176.JPG
O24 - Desktop BackupWallPaper: C:\Users\Uli Minor\pool bei Nacht\DSC_0176.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk F:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.28 20:58:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Uli Minor\Desktop\OTL.exe
[2013.04.07 20:18:35 | 000,000,000 | ---D | C] -- C:\Users\Uli Minor\sicherung alter siemens stick
[2013.04.04 19:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
========== Files - Modified Within 30 Days ==========
[2013.04.28 20:58:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Uli Minor\Desktop\OTL.exe
[2013.04.28 20:49:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.28 20:46:30 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.04.28 20:44:34 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.28 20:44:20 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.28 20:44:20 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.28 20:44:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.28 20:44:05 | 2012,536,832 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.28 16:02:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.04.28 15:24:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.28 11:21:19 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F3D9808E-2DB5-45A5-9DB1-245C7557B4EE}.job
[2013.04.07 20:23:29 | 000,696,626 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.07 20:23:29 | 000,651,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.07 20:23:29 | 000,155,102 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.07 20:23:29 | 000,126,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.04 19:37:59 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.04.02 00:16:32 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.04.02 00:16:31 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.04.02 00:16:31 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
========== Files Created - No Company Name ==========
[2013.04.04 19:37:59 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2009.02.15 21:39:53 | 000,188,521 | ---- | C] () -- C:\Users\Uli Minor\pdf_1565.pdf
[2009.01.13 21:38:20 | 001,923,290 | ---- | C] () -- C:\Users\Uli Minor\cdex_151.zip
[2008.12.04 19:31:58 | 001,283,717 | ---- | C] () -- C:\Users\Uli Minor\21xxmax_DE.pdf
[2008.07.19 19:12:31 | 026,163,865 | ---- | C] () -- C:\Users\Uli Minor\preisliste2008ap[1].pdf
[2008.06.01 11:12:45 | 000,001,356 | ---- | C] () -- C:\Users\Uli Minor\AppData\Local\d3d9caps.dat
[2008.01.05 16:36:18 | 000,119,808 | ---- | C] () -- C:\Users\Uli Minor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\$Recycle.Bin\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\n.
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.19 09:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008.12.29 13:43:32 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\cerasus.media
[2010.01.28 09:24:46 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\Desktopicon
[2013.04.04 19:39:15 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\elsterformular
[2013.02.12 21:29:47 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\Epson
[2008.01.05 17:29:42 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\FRITZ!
[2011.11.10 20:46:09 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\Image Zone Express
[2008.01.05 20:37:55 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\InterVideo
[2009.02.14 18:20:56 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\MAGIX
[2010.01.28 09:24:51 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\MyPhoneExplorer
[2009.12.24 10:04:55 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\Printer Info Cache
[2009.05.03 13:19:35 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\Privacy components
[2009.02.05 20:27:34 | 000,000,000 | ---D | M] -- C:\Users\Uli Minor\AppData\Roaming\SampleView
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
< End of report >
extras.txt Code:
OTL Extras logfile created on: 28.04.2013 21:00:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Uli ***\Desktop
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 44,49% Memory free
4,00 Gb Paging File | 2,61 Gb Available in Paging File | 65,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,76 Gb Total Space | 61,57 Gb Free Space | 44,05% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,32 Gb Free Space | 84,88% Space Free | Partition Type: NTFS
Drive F: | 7,73 Gb Total Space | 0,76 Gb Free Space | 9,83% Space Free | Partition Type: NTFS
Computer Name: ULI***-PC | User Name: Uli *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{02C03AE0-E898-5C22-AFD4-877466FFBD98}" = CCC Help English
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.4900
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{07FB18CF-3F76-43AC-0F02-B2DC201D27F4}" = Catalyst Control Center Localization Thai
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{09B17771-7F41-193C-4B8B-93B07653707C}" = Catalyst Control Center Localization Czech
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{15ADCB87-FB9D-BE4B-89EB-A5439DADACEB}" = CCC Help Japanese
"{160FB2C2-37D9-C291-9B79-B660241AD747}" = Catalyst Control Center Localization Dutch
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19CA53A9-E256-6AF1-28FA-EE61A88886CA}" = Catalyst Control Center Localization Chinese Traditional
"{1A239B49-FDA5-8BCF-05E9-15C69A8591F7}" = Catalyst Control Center Localization Swedish
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{228FAF8F-3380-6579-E37D-8AE663A543EE}" = CCC Help Russian
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2692EC5B-A136-5340-C10C-4FA987FBA569}" = Catalyst Control Center Localization Spanish
"{279F3807-2744-5B05-1CD5-612097502559}" = CCC Help Polish
"{27A94385-A7BD-17DA-3827-E54A3B203E7C}" = CCC Help Chinese Traditional
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2B5BC746-6594-F319-D806-BA97C1B3D8E9}" = Catalyst Control Center Localization Japanese
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{2E2499C1-D876-D3A5-5329-23719AF4EEA5}" = CCC Help French
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 F2
"{34dd5d9f-5af3-41b4-ae60-09c408e16ea7}" = Nero BackItUp 4
"{3583F14B-42A8-C383-37B1-6186DD87BA46}" = Catalyst Control Center Localization Korean
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36262360-D6DF-EFAE-7AB2-5FE47F01BB8A}" = Catalyst Control Center Graphics Full Existing
"{36720FFD-D8DC-502D-5B59-97261633B847}" = Catalyst Control Center Graphics Full New
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3B1815F1-A388-CBA9-439E-8D97D0A9C6FB}" = CCC Help Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{426C7CC1-5AC3-4758-A40C-6446F2CEA8C9}" = ccc-Branding
"{4282CA13-4119-B9F9-A13D-F7E8C61978F9}" = CCC Help Turkish
"{46AE0161-4BB6-4F01-AB45-AEB7144FF739}" = CA 01 - der interaktive Katalog von Drive Technologies and Industry Automation
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour
"{541847E5-E8C5-075B-9F2B-2FF2A3C971C1}" = Catalyst Control Center Localization Hungarian
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5B1E200F-327D-AA06-4990-8E1505DFC754}" = CCC Help Greek
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D7347E1-AE03-478B-3BE2-F1279693F745}" = ccc-utility
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5E156316-7276-D0B6-D6CD-A356B897FAB3}" = CCC Help Hungarian
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6276CABC-7E19-4945-9A9C-3549D965E687}" = CCC Help Danish
"{6368D4AE-BFC1-4AAD-25AD-7EBA1CDEAFF0}" = CCC Help Thai
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3B081-1389-D544-6889-3E3BA2691171}" = CCC Help Korean
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6BA9955E-1F40-7E11-1488-228DAEFB0FD8}" = CCC Help Italian
"{6cb1534e-eb54-43d2-983c-bbd9f0138e6f}" = Nero 9
"{6E8C9958-A445-06B7-9180-F1C546E90B6B}" = Catalyst Control Center Localization Chinese Standard
"{6EF125F8-F86B-C019-2A11-53D9C99AEE00}" = Catalyst Control Center Localization Danish
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = Application Installer 4.00.B14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{75918444-A9D8-86F4-3644-08917713894F}" = CCC Help German
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}" = Windows Live installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{82F2B38B-1426-443D-874C-AC25675E7BEB}" = Windows Live Mail
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3CDDCA-0913-D8CE-F4E1-E0F8D0200B87}" = CCC Help Norwegian
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8CC5F040-44F2-4FB7-9720-47F53F96D180}" = MSCU for Microsoft Vista
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{990BA001-D69F-9DB2-56CE-88E0399B30FB}" = ccc-core-static
"{995A7F95-907E-4C25-8A2A-39CDCB7EC69C}" = Nero BackItUp
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C4AED81-8040-28D3-FCE3-E87DC2B948EC}" = Catalyst Control Center Localization German
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1A34147-C621-1D90-3C27-D90CF2E1ADFA}" = CCC Help Czech
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA2F07A9-7EB5-4185-BAA9-A02F56F1396A}" = CCC Help Dutch
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB5C4115-57A5-4B30-B103-3DDF65FB5034}" = Nero BackItUp
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-1033-F400-7760-100000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{B19B5C55-573E-14F3-0047-7029B5618529}" = Catalyst Control Center Graphics Light
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B33E503B-8A82-E0EF-1ABE-06BF0489A6F9}" = CCC Help Swedish
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B7A7937C-B0B5-1040-FC2E-EB05872EF72C}" = Catalyst Control Center Localization Turkish
"{B7F2B452-4461-88FF-EFD0-8E888D1A4C2D}" = CCC Help Spanish
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}" = HP Easy Setup - Frontend
"{BC281B89-4AF1-D881-ABB3-853444E7C1D5}" = Catalyst Control Center Localization Greek
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}" = Credential Manager for HP ProtectTools
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C41A421C-59F6-8393-014A-F655460AD5F5}" = CCC Help Finnish
"{C6271F2D-3D0A-439B-BD78-584E017C636E}" = Vista Default Settings
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02B9787-3152-A4A0-43E9-AF5E62715D4E}" = Catalyst Control Center Localization Polish
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DB11E77A-8184-C8D3-55DF-73F937EE2F3D}" = Catalyst Control Center Localization Norwegian
"{DDDBC1AF-504A-3E17-4A74-E8C69D2C0D0E}" = Catalyst Control Center Localization Finnish
"{DFE967A8-9C30-413C-B2D5-C0D576949553}" = ESU for Microsoft Vista
"{E03D8FE4-70BF-26F8-DA3B-974E3A561308}" = CCC Help Chinese Standard
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E25074CB-A222-3A2D-0542-CC5BAD57ED76}" = Catalyst Control Center Localization Russian
"{E25AA53F-6878-4C64-8130-EB8D678DF303}" = HP User Guides 0064
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC04A654-128B-5439-0198-E1178E1E6E76}" = Catalyst Control Center Core Implementation
"{EF6CEC13-B014-8BD5-5E56-78E68494A167}" = Catalyst Control Center Localization Italian
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F4144B54-EA3B-72F5-D464-211A1D7BAB95}" = Catalyst Control Center Localization Portuguese
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B5554B-5CDE-4D16-9ACF-00BFB1ACD668}" = HP BIOS Configuration for ProtectTools
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FAFC99FB-4361-7B69-AF2B-87A60406B60C}" = Catalyst Control Center Localization French
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe FrameMaker 7.1" = Adobe FrameMaker v7.1
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Uninstaller" = ATI Uninstaller
"Avira AntiVir Desktop" = Avira Free Antivirus
"Billard2_is1" = Billard2
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"ElsterFormular" = ElsterFormular
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WP-4535 Series" = EPSON WP-4535 Series Printer Uninstall
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"FRITZ!DSL" = AVM FRITZ!DSL
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InstallShield_{46AE0161-4BB6-4F01-AB45-AEB7144FF739}" = CA 01 - der interaktive Katalog von Drive Technologies and Industry Automation 10-2008 Deutsch
"InstallShield_{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}" = funkwerk Eumex 401 WIN-Tools V1.00
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Music Cleaning Lab 2008 deluxe D" = MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MPE" = MyPhoneExplorer
"Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.255 (D)
"PDF Complete" = PDF Complete
"POKER" = POKER
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1339485197-3170389898-3667348218-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.04.2013 16:23:11 | Computer Name = Uli***-PC | Source = EventSystem | ID = 4621
Description =
Error - 27.04.2013 03:54:02 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760,
fehlerhaftes Modul FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760, Ausnahmecode
0xc0000005, Fehleroffset 0x0000ed69, Prozess-ID 0xb38, Anwendungsstartzeit 01ce431bdce6a9a0.
Error - 27.04.2013 05:10:11 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel
0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x000678d8, Prozess-ID 0x1398,
Anwendungsstartzeit 01ce431df8593598.
Error - 27.04.2013 05:10:30 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel
0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x000678d8, Prozess-ID 0x102c,
Anwendungsstartzeit 01ce43270f7385ac.
Error - 27.04.2013 05:10:54 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel
0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x000678d8, Prozess-ID 0x1254,
Anwendungsstartzeit 01ce43271dcf0aa4.
Error - 27.04.2013 05:37:45 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel
0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x000678d8, Prozess-ID 0x13d8,
Anwendungsstartzeit 01ce432acba34bd1.
Error - 28.04.2013 07:02:46 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760,
fehlerhaftes Modul FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760, Ausnahmecode
0xc0000005, Fehleroffset 0x0000ed69, Prozess-ID 0x118c, Anwendungsstartzeit 01ce43f15356733d.
Error - 28.04.2013 07:32:22 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19088, Zeitstempel
0x4de07b1b, fehlerhaftes Modul mshtml.dll, Version 8.0.6001.19088, Zeitstempel
0x4de090ed, Ausnahmecode 0xc0000005, Fehleroffset 0x000678d8, Prozess-ID 0x1018,
Anwendungsstartzeit 01ce4400330ef096.
Error - 28.04.2013 09:20:50 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760,
fehlerhaftes Modul FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760, Ausnahmecode
0xc0000005, Fehleroffset 0x0000ed69, Prozess-ID 0x2c4, Anwendungsstartzeit 01ce440f5feac2c0.
Error - 28.04.2013 14:47:32 | Computer Name = Uli***-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760,
fehlerhaftes Modul FwebProt.exe, Version 1.3.0.0, Zeitstempel 0x42285760, Ausnahmecode
0xc0000005, Fehleroffset 0x0000ed69, Prozess-ID 0xbec, Anwendungsstartzeit 01ce4440aac17ec0.
[ Credential Manager Events ]
Error - 09.03.2011 05:51:22 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 09.03.2011 05:51:33 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 12.03.2011 14:54:11 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 13.03.2011 16:23:39 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 18.03.2011 14:06:10 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 16.04.2011 05:05:02 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 11.06.2011 03:47:10 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 26.03.2013 14:23:47 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 05.04.2013 11:35:26 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 14.04.2013 10:15:21 | Computer Name = Uli***-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Uli ***@ULI***-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
[ OSession Events ]
Error - 31.08.2010 11:12:38 | Computer Name = Uli***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 642
seconds with 240 seconds of active time. This session ended with a crash.
Error - 16.01.2011 14:20:15 | Computer Name = Uli***-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1942
seconds with 480 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 28.04.2013 08:53:16 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.04.2013 08:53:16 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 28.04.2013 08:53:16 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 28.04.2013 10:02:24 | Computer Name = Uli***-PC | Source = DCOM | ID = 10010
Description =
Error - 28.04.2013 14:44:17 | Computer Name = Uli***-PC | Source = HTTP | ID = 15016
Description =
Error - 28.04.2013 14:45:48 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 28.04.2013 14:45:48 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.04.2013 14:45:48 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 28.04.2013 14:45:48 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 28.04.2013 14:45:48 | Computer Name = Uli***-PC | Source = Service Control Manager | ID = 7003
Description =
< End of report >
GMER
Info: Beim Scann mit GMER ist PC abgestürzt, auch im abgesicherten Modus.
Anbei das Log-File des Scans vom Programm-Start Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit quick scan 2013-04-28 21:34:12
Windows 6.0.6001 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS541616J9SA00 rev.SB4OC7BP 149,05GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\******~1\AppData\Local\Temp\pxtdrkoc.sys
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
---- Processes - GMER 2.1 ----
Process (*** hidden *** ) [4] 84559910
---- EOF - GMER 2.1 ----
Vielen Dank und beste Grüße |
Lesestoff: