| Jove1711 | 23.06.2013 15:05 |
MSE/alle erkannten Elemente: "PSW:Win32/Zbot.gen!Y"
Hallo,
mein System ist ein betagteres Notebook mit WinXP-SP3 - für eigentlich alles...
Es soll (teilweise) ersetzt werden durch ein neueres, das bereits vorhanden ist; da aber seit einiger Zeit o.g. Fehler vorhanden ist, habe ich mich nicht zur Kopplung übers Netzwerk oder eine externe Platte zwecks Datenübertragung getraut.
Auf dem Rechner laufen MS Security-Essentuals und Die MS Firewall. Er wird an drei Orten, zweimal im Netzwerk hinter eine Fritz-Box, einmal an einem Web-Stick betrieben.
Soweit das allgemeine. Habe, nachdem mir das ganze aufgefallen war, zuerst versucht mit MSE-Scan dem ganzen zu Leibe zu rücken, woraufhin die entsprechende Meldung auch manchmal mehrere Tage nicht mehr erschien. Erschien sowieso nur immer kurz unten rechts mit dem MSE-Hinweis: Keine weiteren Aktionen erforderlich (sinngemäß). Zwei oder dreimal war in den letzten Tagen laut MSE ein Neustart erforderlich, die Meldungen beim Start fast täglich (im wesentlichen über den Web-Stick im Netz).
Edit: Beim div. einloggen in soziale Netzwerke oder auch Banking kann es passieren, muss aber nicht, das der Feuerfuchs ca. eine Minute Bedenkzeit braucht und MsMpEng.exe extreme CPU-Auslastung bis über 70 % verursacht.
Log-Files wurden nach Anweisung erstellt und sind angehängt: Code:
OTL logfile created on: 23.06.2013 11:51:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Joachim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,94 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 72,32% Memory free
3,72 Gb Paging File | 3,31 Gb Available in Paging File | 88,86% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 52,75 Gb Total Space | 0,70 Gb Free Space | 1,33% Space Free | Partition Type: NTFS
Drive D: | 994,23 Mb Total Space | 559,46 Mb Free Space | 56,27% Space Free | Partition Type: FAT32
Drive E: | 660,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: JOACHIM-NB-AMD | User Name: Joachim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.06.23 11:23:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Joachim\Desktop\OTL.exe
PRC - [2013.05.05 11:43:14 | 000,358,968 | ---- | M] () -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
PRC - [2013.05.05 11:43:13 | 000,510,520 | ---- | M] () -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2013.03.12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2012.12.20 19:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.07.06 14:34:19 | 000,688,128 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.05.11 10:45:18 | 000,024,576 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\HP\HP UT\bin\hppusg.exe
PRC - [2008.11.24 02:00:00 | 000,077,312 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.03 19:14:44 | 000,065,536 | ---- | M] () -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe
PRC - [2005.12.16 10:53:38 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005.12.16 10:41:58 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005.07.22 21:36:10 | 000,933,888 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\ControlCenter2\brctrcen.exe
PRC - [2005.01.27 17:33:58 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.26 17:53:32 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2013.05.17 01:59:29 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.05.17 01:48:40 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013.05.17 01:29:00 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.05.05 11:43:14 | 000,358,968 | ---- | M] () -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
MOD - [2013.05.05 11:43:13 | 000,510,520 | ---- | M] () -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
MOD - [2013.02.14 09:24:54 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\024c898ad1ccfde466d033c0a08d0564\Microsoft.VisualBasic.ni.dll
MOD - [2013.01.10 13:06:47 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013.01.10 10:08:15 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.10 10:07:28 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.01.10 10:01:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.10 09:58:57 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2011.07.06 14:34:19 | 000,688,128 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
MOD - [2011.06.21 09:42:38 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\sst3cl3.dll
MOD - [2011.06.21 04:23:16 | 000,540,672 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\sst3cdu.dll
MOD - [2010.06.28 16:00:23 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
MOD - [2010.06.28 16:00:14 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.09.03 19:14:44 | 000,065,536 | ---- | M] () -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe
MOD - [2007.08.21 12:59:12 | 000,014,616 | ---- | M] () -- C:\WINDOWS\system32\skypdfmonpro.dll
MOD - [2005.01.27 17:33:58 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe
MOD - [2002.11.26 14:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.12 08:20:33 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.17 21:49:15 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.05 11:43:14 | 000,358,968 | ---- | M] () [Auto | Running] -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.08.26 02:43:00 | 000,146,016 | ---- | M] (DATEV eG) [On_Demand | Stopped] -- C:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe -- (DATEV Update-Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Plus Windows-Optimierer\DfSdkS.exe -- (DfSdkS)
SRV - [2008.11.24 02:00:00 | 000,077,312 | ---- | M] (DATEV eG) [Auto | Running] -- C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe -- (DatevPrintService)
SRV - [2007.09.03 19:14:44 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler)
SRV - [2005.01.27 17:33:58 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.04.25 21:54:45 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2013.04.25 21:54:45 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013.04.25 21:54:45 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012.12.18 11:06:00 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.12.08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.12.08 06:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010.06.25 19:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006.01.19 22:10:50 | 000,363,008 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2005.12.16 10:52:06 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.12.16 10:50:18 | 000,071,168 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005.12.16 10:40:54 | 002,300,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.08.26 20:06:28 | 000,660,992 | R--- | M] (Animation Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVHybrid.sys -- (LVHybrid)
DRV - [2005.03.16 07:47:00 | 000,032,320 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2005.03.16 02:48:40 | 000,023,200 | ---- | M] (O2 Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2005.03.09 16:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.02.24 13:36:34 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2005.01.19 23:25:38 | 000,965,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004.03.12 20:48:06 | 000,074,400 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\umpusbxp.sys -- (umpusbxp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B37E4D8EA-8BDA-4831-8EA1-89053939A250%7D:3.0.0.2
FF - prefs.js..extensions.enabledAddons: %7BDB2EA31C-58F5-48b7-8D60-CB0739257904%7D:0.25.1
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.06.04 13:51:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.06.04 13:55:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2013.06.12 08:23:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2010.03.02 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Extensions
[2010.03.02 15:10:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.06.04 13:33:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions
[2011.03.01 08:45:15 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2013.01.02 21:06:23 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.06.04 13:33:15 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\fb_add_on@avm.de
[2011.03.23 14:09:48 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\nostmp
[2013.06.04 13:33:11 | 000,868,550 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2012.08.11 13:52:54 | 000,084,005 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Mozilla\Firefox\Profiles\kt9z9wz5.default\extensions\{DB2EA31C-58F5-48b7-8D60-CB0739257904}.xpi
[2013.05.17 21:49:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.17 21:49:31 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HPUsageTracking] C:\Programme\HP\HP UT\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MSC] c:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [OEM-Reset] File not found
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesAirMessage] C:\Programme\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Programme\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SkyUserDevmode-Update.lnk = C:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135788096890 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276278501437 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39810.6369444444 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.21.2)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Joachim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Joachim\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.12.19 08:16:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004.01.15 10:25:14 | 000,000,053 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2004.01.20 15:50:52 | 000,020,480 | ---- | M] (TARGA GmbH) - D:\Autorun.exe -- [ FAT32 ]
O32 - AutoRun File - [2010.08.17 19:17:50 | 000,000,106 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{bfcceb50-c92e-11de-8fba-0013d3f0fc94}\Shell\AutoRun\command - "" = G:\Toshiba\more4you.exe
O33 - MountPoints2\{d0a0e50a-81f2-11da-b16b-00038a000015}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{dafda0ee-addd-11e2-9244-0013d3f0fc94}\Shell - "" = AutoRun
O33 - MountPoints2\{dafda0ee-addd-11e2-9244-0013d3f0fc94}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dafda0ee-addd-11e2-9244-0013d3f0fc94}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (DfSDKBt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.23 11:49:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\CrashDump
[2013.06.23 11:22:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Joachim\Desktop\OTL.exe
[2013.06.18 23:42:07 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Joachim\Recent
[2013.06.12 08:23:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2013.06.12 08:21:15 | 004,808,816 | ---- | C] (FileZilla Project) -- C:\Dokumente und Einstellungen\Joachim\Desktop\FileZilla_3.7.0.2_win32-setup.exe
[2013.06.05 09:14:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ElsterFormular
[2013.06.04 14:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2013.06.04 13:50:13 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013.06.04 13:50:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer
[2013.06.04 13:12:58 | 074,378,072 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Dokumente und Einstellungen\All Users\Dokumente\ElsterFormular-12.4.0.7094k.exe
[2013.06.04 13:01:30 | 135,559,568 | ---- | C] (Landesfinanzdirektion Thüringen) -- C:\Dokumente und Einstellungen\All Users\Dokumente\ElsterFormular-14.3.20130522k.exe
[2013.06.04 12:58:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Joachim\Lokale Einstellungen\Anwendungsdaten\.elfohilfe
[2013.06.04 12:48:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.06.04 11:29:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\elsterformular
[2013.05.28 07:02:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Lohn & Gehalt 2012
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.06.23 11:28:54 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Joachim\defogger_reenable
[2013.06.23 11:23:45 | 000,377,856 | ---- | M] () -- C:\Dokumente und Einstellungen\Joachim\Desktop\gmer_2.1.19163.exe
[2013.06.23 11:23:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Joachim\Desktop\OTL.exe
[2013.06.23 11:22:28 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Joachim\Desktop\Defogger.exe
[2013.06.23 10:16:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.23 10:15:55 | 2079,182,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.20 21:33:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.06.12 08:39:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.12 08:21:32 | 004,808,816 | ---- | M] (FileZilla Project) -- C:\Dokumente und Einstellungen\Joachim\Desktop\FileZilla_3.7.0.2_win32-setup.exe
[2013.06.12 08:20:33 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.05 09:48:02 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2013.06.05 09:14:50 | 000,000,864 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk
[2013.06.04 13:15:32 | 074,378,072 | ---- | M] (Landesfinanzdirektion Thüringen) -- C:\Dokumente und Einstellungen\All Users\Dokumente\ElsterFormular-12.4.0.7094k.exe
[2013.06.04 13:06:16 | 135,559,568 | ---- | M] (Landesfinanzdirektion Thüringen) -- C:\Dokumente und Einstellungen\All Users\Dokumente\ElsterFormular-14.3.20130522k.exe
[2013.05.28 18:44:51 | 000,014,203 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\A_***_Gehalt_Differenz_2009-12.ods
[2013.05.28 07:02:23 | 000,001,699 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Lohn & Gehalt 2012.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.06.23 11:28:54 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\defogger_reenable
[2013.06.23 11:23:42 | 000,377,856 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Desktop\gmer_2.1.19163.exe
[2013.06.23 11:22:25 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Desktop\Defogger.exe
[2013.06.05 09:14:50 | 000,000,864 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ElsterFormular.lnk
[2013.06.04 13:35:01 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.28 18:44:51 | 000,014,203 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\A_***_Gehalt_Differenz_2009-12.ods
[2013.05.28 07:02:00 | 000,001,699 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Lohn & Gehalt 2012.lnk
[2012.12.18 11:06:10 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.08.11 13:29:00 | 000,199,668 | ---- | C] () -- C:\WINDOWS\hppins11.dat
[2012.08.11 13:28:59 | 000,005,707 | ---- | C] () -- C:\WINDOWS\hppmdl11.dat
[2012.07.15 15:24:50 | 000,000,055 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2012.07.15 15:24:50 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2012.05.30 11:42:28 | 000,493,432 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2012.05.30 11:41:08 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\sst3cl3.dll
[2012.02.16 08:10:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.31 13:15:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.07.31 13:15:56 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010.06.12 17:40:55 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc
[2010.06.11 18:12:49 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\$_hpcst$.hpc
[2010.03.02 16:56:36 | 000,000,898 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\.recently-used.xbel
[2007.03.18 16:30:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\wklnhst.dat
[2006.10.08 01:52:08 | 000,009,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.06.06 21:12:31 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Joachim\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2005.12.19 08:21:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2007.07.14 18:56:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitstream Font Navigator
[2009.04.07 07:50:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2012.07.04 15:37:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CAT5
[2013.06.05 09:13:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2005.12.30 11:27:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications
[2013.02.17 12:12:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hagos
[2009.12.19 13:54:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2008.03.11 13:42:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Philips
[2013.01.02 21:25:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2007.02.18 13:00:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2007.06.11 06:26:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SkyCom
[2006.01.02 10:21:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2007.07.13 22:23:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\1&1
[2013.06.12 08:20:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\ALDITALKVerbindungsassistent
[2007.10.10 08:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\AnotherUnzipper
[2007.10.10 08:45:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\AnotherZipper
[2013.06.04 11:53:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\elsterformular
[2013.06.12 08:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\FileZilla
[2009.12.19 14:06:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\FRITZ!
[2009.12.19 13:54:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\FRITZ!fax für FRITZ!Box
[2010.03.02 16:56:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\gtk-2.0
[2010.12.28 21:48:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\IrfanView
[2008.08.31 19:58:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Learn2.com
[2011.08.01 13:10:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\LibreOffice
[2013.04.27 10:27:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Meine Traffic
[2013.06.12 08:45:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Notepad++
[2010.08.28 16:06:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\OpenOffice.org
[2012.07.04 10:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Oracle
[2008.02.09 12:49:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\PDFEditorSDK
[2013.01.02 21:21:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Samsung
[2007.02.20 23:15:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\ScanSoft
[2008.11.04 16:23:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\SkyCom
[2013.05.05 11:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Temp
[2007.03.18 16:30:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Template
[2010.03.02 15:09:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Thunderbird
[2013.04.27 10:46:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Joachim\Anwendungsdaten\Wireshark
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 23.06.2013 11:51:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Joachim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,94 Gb Total Physical Memory | 1,40 Gb Available Physical Memory | 72,32% Memory free
3,72 Gb Paging File | 3,31 Gb Available in Paging File | 88,86% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 52,75 Gb Total Space | 0,70 Gb Free Space | 1,33% Space Free | Partition Type: NTFS
Drive D: | 994,23 Mb Total Space | 559,46 Mb Free Space | 56,27% Space Free | Partition Type: FAT32
Drive E: | 660,13 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: JOACHIM-NB-AMD | User Name: Joachim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] --
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\DATEV\PROGRAMM\SWS\Limaservice.exe" = C:\DATEV\PROGRAMM\SWS\LimaService.exe:*:Enabled:LimaService.exe -- (DATEV eG)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\DATEV\PROGRAMM\Install\ExecDll\ExecDllExe.exe" = C:\DATEV\PROGRAMM\Install\ExecDll\ExecDllExe.exe:*:Enabled:ExecDllExe.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\Install\Uninstal.exe" = C:\DATEV\PROGRAMM\Install\Uninstal.exe:*:Enabled:Uninstal.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\SWS\LimaServer.exe" = C:\DATEV\PROGRAMM\SWS\LimaServer.exe:*:Enabled:LimaServer.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\R0000135\EOR.EXE" = C:\DATEV\PROGRAMM\R0000135\EOR:*:Enabled:EOR.exe -- (DATEV e.G.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Philips\Network storage wizard\Philips network storage wizard.exe" = C:\Programme\Philips\Network storage wizard\Philips network storage wizard.exe:*:Enabled:Philips network storage wizard -- (Philips Consumer Electronics)
"C:\Programme\Philips\Intelligent Agent\Philips Intelligent Agent.exe" = C:\Programme\Philips\Intelligent Agent\Philips Intelligent Agent.exe:*:Enabled:Philips Intelligent Agent -- (Philips Consumer Electronics)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\AnalogX\FastCache\fc.exe" = C:\Programme\AnalogX\FastCache\fc.exe:*:Enabled:fc
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\FileZilla FTP Client\filezilla.exe" = C:\Programme\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project)
"C:\Programme\Palm\HOTSYNC.EXE" = C:\Programme\Palm\HOTSYNC.EXE:*:Enabled:HotSync® Manager Application -- (Palm, Inc.)
"C:\DATEV\PROGRAMM\SWS\Limaservice.exe" = C:\DATEV\PROGRAMM\SWS\LimaService.exe:*:Enabled:LimaService.exe -- (DATEV eG)
"C:\Programme\FRITZ!\igd_finder.exe" = C:\Programme\FRITZ!\igd_finder.exe:LocalSubNet:Enabled:AVM FRITZ!fax for FRITZ!Box - igd_finder.exe -- ()
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\DATEV\PROGRAMM\Install\Uninstal.exe" = C:\DATEV\PROGRAMM\Install\Uninstal.exe:*:Enabled:Uninstal.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\SWS\LimaServer.exe" = C:\DATEV\PROGRAMM\SWS\LimaServer.exe:*:Enabled:LimaServer.exe -- (DATEV eG)
"C:\DATEV\PROGRAMM\R0000135\EOR.EXE" = C:\DATEV\PROGRAMM\R0000135\EOR:*:Enabled:EOR.exe -- (DATEV e.G.)
"C:\Programme\CA\Etrust Antivirus\Realmon.exe" = C:\Programme\CA\Etrust Antivirus\Realmon.exe:*:Disabled:Realmon
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Disabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Disabled:AOL
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Disabled:AOL 9.0
"C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" = C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:*:Disabled:Apache HTTP Server
"C:\DATEV\PROGRAMM\Install\ExecDll\ExecDllExe.exe" = C:\DATEV\PROGRAMM\Install\ExecDll\ExecDllExe.exe:*:Disabled:ExecDllExe.exe -- (DATEV eG)
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server
"C:\Programme\FRITZ!\FriFax32.exe" = C:\Programme\FRITZ!\FriFax32.exe:*:Enabled:FRITZ!fax -- (AVM Berlin)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"E:\setup\HPPNIPRINT01.EXE" = E:\setup\HPPNIPRINT01.EXE:*:Enabled:hppniprint01.exe
"E:\setup\HPPNIPRINT64.EXE" = E:\setup\HPPNIPRINT64.EXE:*:Enabled:hppniprint64.exe
"E:\setup\HPPNICIFS01.EXE" = E:\setup\HPPNICIFS01.EXE:*:Enabled:hppnicifs01.exe
"E:\setup\CustomPrnDnld\HPPCSTPG.EXE" = E:\setup\CustomPrnDnld\HPPCSTPG.EXE:*:Enabled:hppcstpg.exe
"E:\setup\HPBTPG.EXE" = E:\setup\HPBTPG.EXE:*:Enabled:hpbtpg.exe
"E:\setup\LaunchApp.exe" = E:\setup\LaunchApp.exe:*:Enabled:launchapp.exe
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\WISO\Business\Buero Plus NexT\BpNexT.exe" = C:\Programme\WISO\Business\Buero Plus NexT\BpNexT.exe:*:Enabled:Lohn & Gehalt 2012 -- (microtech GmbH)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (DATEV_CL_DE01)
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0881ECE5-DCA1-462D-B515-F1732875EC74}" = DATEV Infragistics Runtime V.3.2
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{13CE6A18-2936-49E5-B10C-148A12C035DD}" = Lohn & Gehalt 2012
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{255E0D2A-6AC9-40CB-8F5E-84C8FD7E9DA9}" = hppscanCM1312
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{325D1D94-4F34-46A7-A489-737C801B931D}" = hppusgCM1312
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3BB2AA79-6623-48F4-B288-0CE1C88D40D6}" = O2Micro Flash Memory Card Windows Driver
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{442275EC-C9DE-4AB1-9D9C-A35CE09EE22A}" = TI3410Installer
"{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}" = hppSendFaxCM1312
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{51E89658-5D6B-4F0D-B72B-57863C3AD06C}" = Brother MFL-Pro Suite
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}" = hppQFolderCM1312
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7985C7FA-B151-4BA7-B19E-1577A7B527F1}" = hppFaxDrvCM1312
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80BA9DC6-D628-4752-A1C3-15349C71BB42}" = hppManualsCM1312
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}" = HP Color LaserJet CM1312 MFP Series 5.0
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A70ABAD3-7887-4F7F-9DA3-80363E70FDC2}" = Buhl Buero komplett
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A925C778-5E00-477D-A282-B772C9E76DC7}" = hppScanToCM1312
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B4FC780C-94E2-41CB-970D-4B61C1905E5E}" = SQLXML4
"{B645E138-3386-442F-B8A3-5237D82E7365}" = LibreOffice 3.4 Help Pack (German)
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BF638E12-90F1-443D-B93F-51BCCFD487BA}" = hppCLJCM1312
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C5EC81D0-3DED-435D-A46E-E3F60F7DC8AD}" = Palm Desktop
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ECDC2BC0-0449-48EA-9EBA-95048591DA17}" = hppFaxUtilityCM1312
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F8AEA743-A9CB-453C-9B3C-53D7F1D0CC22}" = B1315AppGuid
"{F917D282-C247-4E91-8ACB-99D13788403B}" = PhoneDesktop
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 EasyLogin" = 1&1 EasyLogin
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem v2147DC
"ALDITALKVerbindungsassistent" = ALDI TALK Verbindungsassistent
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Applian FLV Player2.0.24" = Applian FLV Player
"ATI Display Driver" = ATI Display Driver
"BertramsPLAN" = BertramsPLAN
"CANONBJ_Deinstall_CNMCP5x.DLL" = Canon i9950
"DATEVB00000482.0" = DATEV Installation V.2.72
"DivX Codec" = DivX Codec
"ElsterFormular" = ElsterFormular
"FileZilla Client" = FileZilla Client 3.7.0.2
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"GPL Ghostscript 8.71" = GPL Ghostscript 8.71
"HAGOS-Katalog" = HAGOS-Katalog Ausgabe August 2011
"HAGOS-Katalog-Cat5" = HAGOS-Katalog-Cat5 Ausgabe Januar 2013
"HAGOSKeramik" = HAGOSKeramik Ausgabe Januar 2013
"HAPROF" = HAPROF 5.40
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = CorelDRAW Graphics Suite 11
"InstallShield_{3BB2AA79-6623-48F4-B288-0CE1C88D40D6}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{442275EC-C9DE-4AB1-9D9C-A35CE09EE22A}" = TI3410Installer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"LetsTrade" = LetsTrade Komponenten
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MeineTraffic" = Meine Traffic 2.20
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Notepad++" = Notepad++
"Philips Intelligent Agent_is1" = Philips Intelligent Agent
"Philips Network Attached Storage_is1" = Philips network storage wizard
"Plus Windows-Optimierer_is1" = Plus Windows-Optimierer
"RealPlayer 6.0" = RealPlayer Basic
"Samsung CLP-320 Series" = Wartung Samsung CLP-320 Series
"Shop for HP Supplies" = Shop for HP Supplies
"SIPPS!UninstallKey" = SIPPS
"sv.net" = sv.net
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ThumbsPlus 2002" = ThumbsPlus Version 2002-R (Standard-Edition)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.6 (32-bit)
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.06.2013 16:25:49 | Computer Name = JOACHIM-NB-AMD | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -678153289.
Error - 21.06.2013 01:40:29 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 4.2.223.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:29 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType antimalwaresettingschange, P1 2147632168, P2 NIL, P3 NIL,
P4 NIL, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:41 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:41 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:42 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:42 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 01:40:42 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 passthrough, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not
boot, P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 04:39:58 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.2.223.0, P3 timeout, P4 1.1.9607.0, P5 fixed, P6 1 _ 2048, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 21.06.2013 04:40:01 | Computer Name = JOACHIM-NB-AMD | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 4.2.223.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
[ System Events ]
Error - 20.06.2013 21:50:31 | Computer Name = JOACHIM-NB-AMD | Source = Service Control Manager | ID = 7034
Description = Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits
3 Mal passiert.
Error - 21.06.2013 01:05:31 | Computer Name = JOACHIM-NB-AMD | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.
Error - 21.06.2013 01:40:37 | Computer Name = JOACHIM-NB-AMD | Source = Microsoft Antimalware | ID = 3002
Description = Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
Feature:
%%834 Fehlercode: 0x80004005 Fehlerbeschreibung: Unbekannter Fehler Grund: %%838
Error - 21.06.2013 01:45:10 | Computer Name = JOACHIM-NB-AMD | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.
Error - 22.06.2013 02:39:26 | Computer Name = JOACHIM-NB-AMD | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.
Error - 22.06.2013 02:47:12 | Computer Name = JOACHIM-NB-AMD | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.153.274.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9607.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 22.06.2013 14:12:36 | Computer Name = JOACHIM-NB-AMD | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.153.274.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9607.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 23.06.2013 04:11:15 | Computer Name = JOACHIM-NB-AMD | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.153.274.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9607.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
Error - 23.06.2013 04:18:49 | Computer Name = JOACHIM-NB-AMD | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.
Error - 23.06.2013 04:27:55 | Computer Name = JOACHIM-NB-AMD | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.153.274.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: hxxp://www.microsoft.com Signaturtyp: %%800 Aktualisierungstyp: %%803
Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.9607.0 Fehlercode:
0x8024402c Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates.
Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie
unter "Hilfe und Support".
< End of report >
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-23 13:53:07
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD600UE-22HCT0 rev.09.07D09 55,89GB
Running: gmer_2.1.19163.exe; Driver: C:\DOKUME~1\Joachim\LOKALE~1\Temp\ufddapow.sys
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys
Device mrxsmb.sys
Device Fastfat.SYS
AttachedDevice fltmgr.sys
Device Cdfs.SYS
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 961357
---- EOF - GMER 2.1 ----
Ich hoffe auch mir kann jemand weiterhelfen und sage schon mal Danke!
Gruß Joachim
P.S. Bin kein Youngster mehr, denke aber ein bisschen Rechner-Erfahrung zu haben... |
Bitte lesen:
SecurityCheck und:
