Ich habe auf eine Anweisung gehofft "Sollte Defogger dir eine Fehlermeldung ausgeben, poste bitte die defogger_disable Log von deinem Desktop.
Klicke den Re-enable Button nicht ohne Anweisung."
Denn Defogger hat nichts neu gestartet...
Aber nun hab ich folgendes Problem: http://img521.imageshack.us/img521/3871/img0081yq.jpg
Ich kann rein gar nichts mehr machen...
Werde gleich mal den abgesicherten Modus antesten...
OTL.txt (im abgesicherten Modus erstellt):OTL Logfile: Code:
OTL logfile created on: 27.10.2011 08:40:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\Software\Windows
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 82,24% Memory free
6,19 Gb Paging File | 5,88 Gb Available in Paging File | 94,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 158,45 Gb Free Space | 73,22% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 107,13 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Drive E: | 664,14 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,47 Gb Total Space | 3,25 Gb Free Space | 43,56% Space Free | Partition Type: FAT32
Computer Name: xy-PC | User Name: xy| Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found -- C:\Windows\1497257308:2745876902.exe
PRC - [2011.10.27 07:31:46 | 000,283,648 | ---- | M] () -- C:\Programme\LP\936B\0A0.exe
PRC - [2011.10.27 07:31:39 | 000,190,464 | ---- | M] () -- C:\Programme\CCC28\lvvm.exe
PRC - [2011.10.27 07:31:18 | 000,173,056 | ---- | M] () -- C:\Users\YX\AppData\Roaming\B4CCC\F1193.exe
PRC - [2011.10.26 16:29:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\Software\Windows\OTL.exe
PRC - [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006.11.02 14:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.27 07:31:46 | 000,283,648 | ---- | M] () -- C:\Programme\LP\936B\0A0.exe
MOD - [2011.10.27 07:31:39 | 000,190,464 | ---- | M] () -- C:\Programme\CCC28\lvvm.exe
MOD - [2011.10.27 07:31:18 | 000,173,056 | ---- | M] () -- C:\Users\YX\AppData\Roaming\B4CCC\F1193.exe
MOD - [2006.11.02 11:46:10 | 000,227,328 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.05.09 14:48:07 | 001,452,944 | ---- | M] (mquadr.at softwareengineering und consulting gmbh) [Auto | Stopped] -- C:\Windows\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig)
SRV - [2009.05.06 11:11:20 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008.03.26 15:34:45 | 000,148,992 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008.03.07 12:00:05 | 000,070,656 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2006.12.08 11:52:04 | 000,208,896 | ---- | M] (Fujitsu Siemens Computers) [Auto | Stopped] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
========== Driver Services (SafeList) ==========
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.09.22 03:20:42 | 000,043,520 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6v.sys -- (FETND6V)
DRV - [2008.03.04 13:28:49 | 000,079,424 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2008.02.18 17:07:53 | 000,049,472 | ---- | M] (Avira GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2007.11.08 19:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007.06.01 17:46:00 | 007,479,008 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViPrt.sys -- (ViPrt)
DRV - [2007.03.26 15:26:00 | 000,016,896 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViBus.sys -- (ViBus)
DRV - [2007.02.27 15:24:55 | 000,011,840 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.gmx.net/tab2 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.1und1.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:54545
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\YX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\YX\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\YX\AppData\Local\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U17 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\YX\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\YX\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\YX\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at softwareengineering und consulting gmbh)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [0A0.exe] C:\Programme\LP\936B\0A0.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [F6sWK7fRLgXjCkB] C:\Users\YX\AppData\Roaming\svhostu.exe ()
O4 - HKLM..\Run: [gG5sQJ6dE8R9YwU8234A] C:\Windows\System32\dekIVrzONxuSoFp.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [lt6ow0jc.exe] C:\Users\YX\AppData\Roaming\lt6ow0jc.exe (Alcatel Microelectronics)
O4 - HKCU..\Run: [vasja] C:\Users\YX\Desktop\0.9056710880911472.exe (Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\pnrpnsp.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA7E6FA1-2790-4FD2-BF0E-221DB4B3954A}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\YX\AppData\Roaming\B4CCC\F1193.exe) -C:\Users\YX\AppData\Roaming\B4CCC\F1193.exe ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.04.26 14:02:32 | 000,191,826 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011.06.20 07:52:08 | 000,000,061 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{77929b51-ffdf-11e0-b22d-806e6f6e6963}\Shell\AutoRun\command - "" = 1j038ki.exe
O33 - MountPoints2\{77929b51-ffdf-11e0-b22d-806e6f6e6963}\Shell\open\Command - "" = 1j038ki.exe
O33 - MountPoints2\{a9b99377-2c7b-11dd-bad4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a9b99377-2c7b-11dd-bad4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2005.04.27 20:38:10 | 000,401,408 | R--- | M] (Hewlett-Packard)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {11775326-DDFD-465E-9DF5-00EE8605E24D} - GMX Browser Add-on
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {65331F58-91DC-4555-AEFB-840EB40D0022} - GMX Update
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{D507B452-F6F2-477B-AFCF-C12FC21A2782} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: 1und1 Update - hkey= - key= - C:\Programme\1&1\LiveUpdate\m2LUTray.exe (mquadr.at software engineering und consulting GmbH)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: GMX Update - hkey= - key= - C:\Programme\GMX\LiveUpdate\m2LUTray.exe ()
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\YX\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: PDFPrint - hkey= - key= - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: toolbar_eula_launcher - hkey= - key= - File not found
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: zeiv.exe - hkey= - key= - C:\Users\YX\AppData\Roaming\Haleok\zeiv.exe ()
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Windows\System32\
[2011.10.27 07:37:02 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\vdEK8gRZ9YwUeOt
[2011.10.27 07:37:02 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\qNyxA0uvSoFpGsJ
[2011.10.27 07:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCC28
[2011.10.27 07:31:11 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Security 2011
[2011.10.27 07:31:10 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\pL8gTZqhYwIr
[2011.10.27 07:31:10 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\DcA1uvD2oFpHJd
[2011.10.27 07:31:05 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\kOBtxP0yc1b3n4Q
[2011.10.27 07:31:04 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\a3onF4amHsJfLgZ
[2011.10.27 07:30:59 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\B4CCC
[2011.10.27 07:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2011.10.27 07:30:55 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Oline
[2011.10.27 07:30:55 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Acesu
[2011.10.27 07:30:53 | 000,165,376 | ---- | C] (Alcatel Microelectronics) -- C:\Users\YX\AppData\Roaming\lt6ow0jc.exe
[2011.10.27 07:30:51 | 000,168,960 | ---- | C] (Home) -- C:\Users\YX\Desktop\0.9056710880911472.exe
[2011.10.27 07:30:51 | 000,165,376 | ---- | C] (Alcatel Microelectronics) -- C:\Users\YX\Desktop\0.64406117213402.exe
[2011.10.27 07:30:50 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.26 16:34:38 | 000,000,000 | ---D | C] -- C:\Users\YX\Desktop\LOGs
[2011.10.26 13:35:46 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\YX\Desktop\mbam-setup-1.51.2.1300.exe
[2011.10.26 13:34:54 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\YX\Desktop\HiJackThis204.exe
[2011.10.26 13:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiVir PersonalEdition Classic
[2011.10.26 13:31:37 | 000,079,424 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.10.26 13:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.10.26 13:24:32 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.26 13:23:16 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Malwarebytes
[2011.10.26 13:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.26 13:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.26 13:23:07 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.10.26 13:23:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.10.26 13:20:45 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2011.10.26 12:18:26 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.10.26 11:56:39 | 000,000,000 | ---D | C] -- C:\Users\YX\Desktop\Neuer Ordner
[2011.10.20 18:33:13 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Haleok
[2011.10.20 18:33:13 | 000,000,000 | ---D | C] -- C:\Users\YX\AppData\Roaming\Axso
[2011.10.18 21:49:59 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Windows\System32\
[2011.10.27 08:15:19 | 000,667,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.10.27 08:15:19 | 000,159,266 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.10.27 08:15:18 | 000,837,386 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.10.27 08:15:18 | 000,177,586 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.10.27 08:08:50 | 000,000,000 | ---- | M] () -- C:\Windows\1497257308
[2011.10.27 08:08:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.27 07:36:56 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.27 07:36:56 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.27 07:31:12 | 000,001,213 | ---- | M] () -- C:\Users\YX\AppData\Roaming\ldr.ini
[2011.10.27 07:31:05 | 000,099,840 | ---- | M] () -- C:\Users\YX\AppData\Roaming\svhostu.exe
[2011.10.27 07:31:04 | 001,776,640 | ---- | M] () -- C:\Windows\System32\dekIVrzONxuSoFp.exe
[2011.10.27 07:31:00 | 000,283,648 | ---- | M] () -- C:\Users\YX\Desktop\0.6136625930725045.exe
[2011.10.27 07:30:55 | 000,168,960 | ---- | M] (Home) -- C:\Users\YX\Desktop\0.9056710880911472.exe
[2011.10.27 07:30:53 | 000,000,008 | ---- | M] () -- C:\Users\YX\AppData\Roaming\cbawfxrmd876sqdc.dat
[2011.10.27 07:30:52 | 000,165,376 | ---- | M] (Alcatel Microelectronics) -- C:\Users\YX\AppData\Roaming\lt6ow0jc.exe
[2011.10.27 07:30:52 | 000,165,376 | ---- | M] (Alcatel Microelectronics) -- C:\Users\YX\Desktop\0.64406117213402.exe
[2011.10.27 07:25:01 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1320125211-2353226351-2167843232-1000UA.job
[2011.10.26 19:38:17 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1320125211-2353226351-2167843232-1000Core.job
[2011.10.26 16:37:07 | 000,000,000 | ---- | M] () -- C:\Users\YX\defogger_reenable
[2011.10.26 13:38:38 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.10.26 13:36:24 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.26 13:35:49 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\YX\Desktop\mbam-setup-1.51.2.1300.exe
[2011.10.26 13:34:55 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\YX\Desktop\HiJackThis204.exe
[2011.10.26 13:31:42 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2011.10.26 13:20:42 | 000,000,036 | ---- | M] () -- C:\Users\YX\AppData\Local\housecall.guid.cache
[2011.10.26 11:55:42 | 103,714,870 | ---- | M] () -- C:\Users\YX\Desktop\EmsisoftEmergencyKit.zip
[2011.10.24 19:41:31 | 000,025,099 | ---- | M] () -- C:\Users\YX\Desktop\Bestandsregister Schweine.odt
[2011.10.23 21:37:08 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.23 10:05:43 | 000,014,946 | ---- | M] () -- C:\Users\YX\Desktop\Mieteinnahmen Schmmüllingstr.ods
[2011.10.17 13:00:39 | 000,000,215 | ---- | M] () -- C:\Users\YX\Desktop\freenetMail E-Mail, SMS, Fax, Mobil - kostenlos anmelden.url
[2011.10.16 13:21:41 | 000,016,953 | ---- | M] () -- C:\Users\YX\Desktop\Pflanzenschutz.odt
[2011.10.14 19:59:07 | 048,324,552 | ---- | M] () -- C:\Windows\System32\mrt.exe
[2011.10.14 19:35:26 | 234,480,917 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.10.02 13:19:48 | 000,000,000 | -HS- | M] () -- C:\Windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.27 07:31:11 | 000,001,213 | ---- | C] () -- C:\Users\YX\AppData\Roaming\ldr.ini
[2011.10.27 07:31:05 | 000,099,840 | ---- | C] () -- C:\Users\YX\AppData\Roaming\svhostu.exe
[2011.10.27 07:31:04 | 001,776,640 | ---- | C] () -- C:\Windows\System32\dekIVrzONxuSoFp.exe
[2011.10.27 07:30:59 | 000,283,648 | ---- | C] () -- C:\Users\YX\Desktop\0.6136625930725045.exe
[2011.10.27 07:30:53 | 000,000,008 | ---- | C] () -- C:\Users\YX\AppData\Roaming\cbawfxrmd876sqdc.dat
[2011.10.26 16:37:07 | 000,000,000 | ---- | C] () -- C:\Users\YX\defogger_reenable
[2011.10.26 13:31:42 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\AntiVir PE Classic.lnk
[2011.10.26 13:23:11 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.26 13:20:42 | 000,000,036 | ---- | C] () -- C:\Users\YX\AppData\Local\housecall.guid.cache
[2011.10.26 11:55:37 | 103,714,870 | ---- | C] () -- C:\Users\YX\Desktop\EmsisoftEmergencyKit.zip
[2011.10.23 21:37:08 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.10.23 21:37:07 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.10.02 13:19:48 | 000,000,000 | -HS- | C] () -- C:\Windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[2011.10.02 13:19:30 | 000,000,000 | ---- | C] () -- C:\Windows\1497257308
[2009.06.11 13:31:44 | 000,024,206 | ---- | C] () -- C:\Users\YX\AppData\Roaming\UserTile.png
[2008.12.21 22:24:13 | 000,004,608 | ---- | C] () -- C:\Users\YX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.30 09:31:26 | 000,164,377 | ---- | C] () -- C:\Windows\hpoins19.dat
[2008.05.28 09:19:56 | 000,260,531 | ---- | C] () -- C:\Windows\System32\ADINIT.DAT
[2008.05.28 09:19:56 | 000,171,887 | ---- | C] () -- C:\Windows\System32\geocalc.dat
[2008.05.28 09:19:56 | 000,061,440 | ---- | C] () -- C:\Windows\System32\GVRES32.dll
[2008.01.23 04:22:21 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2007.03.13 22:01:59 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2006.11.02 17:33:31 | 000,837,386 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,177,586 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,279,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,667,980 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,159,266 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:24:01 | 048,324,552 | ---- | C] () -- C:\Windows\System32\mrt.exe
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
========== LOP Check ==========
[2011.10.27 07:31:04 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\a3onF4amHsJfLgZ
[2011.10.27 07:30:55 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Acesu
[2008.05.28 09:30:29 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\AOMobil
[2011.10.24 21:34:09 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Axso
[2011.10.27 07:31:18 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\B4CCC
[2011.10.27 07:31:10 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\DcA1uvD2oFpHJd
[2011.10.20 18:33:13 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Haleok
[2011.07.03 13:41:20 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Image Zone Express
[2011.10.27 07:31:05 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\kOBtxP0yc1b3n4Q
[2011.10.27 07:30:55 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Oline
[2009.03.06 14:53:02 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\OpenOffice.org
[2011.10.27 07:31:11 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\pL8gTZqhYwIr
[2008.06.06 23:22:29 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\Printer Info Cache
[2011.10.27 07:37:02 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\qNyxA0uvSoFpGsJ
[2009.05.17 12:11:10 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\TeamViewer
[2011.10.27 07:37:02 | 000,000,000 | ---D | M] -- C:\Users\YX\AppData\Roaming\vdEK8gRZ9YwUeOt
[2011.10.26 19:38:41 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2008.05.28 08:19:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2008.06.03 15:15:03 | 000,000,000 | ---D | M] -- C:\Big Fish Games
[2008.01.23 13:08:58 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.10.25 19:14:37 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2008.05.28 08:15:43 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2008.01.23 04:22:44 | 000,000,000 | R--D | M] -- C:\DRIVER
[2008.05.28 08:20:30 | 000,000,000 | ---D | M] -- C:\ebay
[2011.03.20 10:44:46 | 000,000,000 | ---D | M] -- C:\ELAN_NW
[2008.05.28 08:20:30 | 000,000,000 | ---D | M] -- C:\FirstSteps
[2008.01.23 04:24:47 | 000,000,000 | ---D | M] -- C:\GDATA
[2008.05.28 08:20:40 | 000,000,000 | ---D | M] -- C:\Google
[2008.01.23 04:22:44 | 000,000,000 | R--D | M] -- C:\MANUAL
[2008.05.28 08:22:46 | 000,000,000 | ---D | M] -- C:\nero
[2008.01.23 04:31:44 | 000,000,000 | ---D | M] -- C:\Off2007HSt
[2011.10.27 07:31:20 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.26 13:31:35 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2008.05.28 08:15:43 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.27 08:29:04 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.01.23 14:38:48 | 000,000,000 | ---D | M] -- C:\TMP
[2008.05.28 08:18:41 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.27 07:30:50 | 000,000,000 | ---D | M] -- C:\Windows
[2008.01.23 04:17:29 | 000,000,000 | ---D | M] -- C:\x86
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.03 01:52:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.03 01:52:27 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
< MD5 for: REGEDIT.EXE >
[2006.11.02 11:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\regedit.exe
[2006.11.02 11:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WININIT.EXE >
[2007.11.03 01:17:50 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=39D959CD9F3BC44F78DB3C6588AAC3FE -- C:\Windows\System32\wininit.exe
[2007.11.03 01:17:50 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=39D959CD9F3BC44F78DB3C6588AAC3FE -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.20593_none_2f37c4ba208e02ab\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2007.11.03 01:17:50 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\System32\winlogon.exe
[2007.11.03 01:17:50 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=A3FEA6ED9FD3CF07219A632E4A716226 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.20593_none_6e080d01f12ed7fe\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install >
"LastSuccessTime" = 2011-10-26 17:38:40
"LastError" = 0
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB40435$] -> Error: Cannot create file handle -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 816 bytes -> C:\Windows\1497257308:2745876902.exe
< End of report > --- --- ---
Extras.txt(im abgesicherten Modus erstellt):OTL Logfile: Code:
OTL Extras logfile created on: 27.10.2011 08:40:57 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\Software\Windows
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 82,24% Memory free
6,19 Gb Paging File | 5,88 Gb Available in Paging File | 94,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 158,45 Gb Free Space | 73,22% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 107,13 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Drive E: | 664,14 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,47 Gb Total Space | 3,25 Gb Free Space | 43,56% Space Free | Partition Type: FAT32
Computer Name: GARBERT-PC | User Name: Garbert | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017A3543-CC36-4347-A0CC-761FC333957A}" = lport=139 | protocol=6 | dir=in | app=system |
"{28FDBB23-2300-426B-9666-9F9D62C6DA86}" = rport=138 | protocol=17 | dir=out | app=system |
"{33295F91-7A61-4EB6-B59C-378DB01A685A}" = rport=139 | protocol=6 | dir=out | app=system |
"{50F68251-18A0-40BD-BFDE-810392023C31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{59D9980C-C355-478F-954D-ED23F1D596B8}" = rport=137 | protocol=17 | dir=out | app=system |
"{64D0EBCD-9A06-4F44-85D2-F18C19CF5939}" = lport=138 | protocol=17 | dir=in | app=system |
"{734075CA-2547-4DF2-BC45-31BEBF67CDF3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{753D2A30-6876-493C-B888-97393EA391DE}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A4004B4-F622-4684-8718-1854C590F717}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5D88FA6-DF0D-4E9E-B61B-3CFC0402B6A2}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22FC6656-B24C-4A32-B204-0AD75165DC13}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4BF43035-E2DF-46EE-84E0-3C2E17B60D72}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{83D32F0A-AA79-43B9-91DD-EF1A3D1C9CC6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BC86582B-5800-4655-954D-F4B7500DD348}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{000BB303-E1DB-4A5B-9391-48B28AC08875}C:\program files\java\jre6\bin\jucheck.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\jucheck.exe |
"TCP Query User{06647C14-B04F-4164-B9C6-F34F35424485}C:\users\garbert\appdata\local\temp\googletoolbarinstaller_en32_signed.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\googletoolbarinstaller_en32_signed.exe |
"TCP Query User{0FC8D9AC-6EC1-4E3E-9F82-1422B2E98BD0}C:\program files\ccc28\lvvm.exe" = protocol=6 | dir=in | app=c:\program files\ccc28\lvvm.exe |
"TCP Query User{0FE06FE6-B66C-46E6-8434-D6CC4EC77793}C:\program files\1&1\liveupdate\m2lutray.exe" = protocol=6 | dir=in | app=c:\program files\1&1\liveupdate\m2lutray.exe |
"TCP Query User{167090EC-203E-410E-B4BE-5ABF3FCA0428}C:\users\garbert\appdata\local\google\update\googleupdate.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\google\update\googleupdate.exe |
"TCP Query User{1893BA36-6338-4818-A900-0FB90C7C9624}C:\program files\google\google toolbar\component\googletoolbarmanager_4e7d715d860e20e1.exe" = protocol=6 | dir=in | app=c:\program files\google\google toolbar\component\googletoolbarmanager_4e7d715d860e20e1.exe |
"TCP Query User{1F117856-F19E-45B9-9B25-BEC66979B65F}C:\users\garbert\appdata\local\temp\0.311055798381219exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\0.311055798381219exe |
"TCP Query User{2215DB90-AC95-4461-A5CC-075357FD1F9A}C:\windows\system32\dekivrzonxusofp.exe" = protocol=6 | dir=in | app=c:\windows\system32\dekivrzonxusofp.exe |
"TCP Query User{2547BD5B-92A5-4232-BDA2-CE6F3EB355AA}C:\users\garbert\appdata\local\temp\7zs2906.tmp\setup.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\7zs2906.tmp\setup.exe |
"TCP Query User{2779A0CF-C103-4D4C-A1FA-35C84B436F30}C:\program files\gmx\liveupdate\m2lutray.exe" = protocol=6 | dir=in | app=c:\program files\gmx\liveupdate\m2lutray.exe |
"TCP Query User{28EA8CFA-D5E2-43BE-9C4D-99C9728E83D9}C:\program files\google\update\googleupdate.exe" = protocol=6 | dir=in | app=c:\program files\google\update\googleupdate.exe |
"TCP Query User{2ADB4D98-1E7C-4F79-9C00-F2FAF61A888C}C:\windows\system32\werfault.exe" = protocol=6 | dir=in | app=c:\windows\system32\werfault.exe |
"TCP Query User{313206E2-0781-48CD-9D09-23B8363ADEA6}C:\users\garbert\appdata\roaming\lt6ow0jc.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\roaming\lt6ow0jc.exe |
"TCP Query User{34B375D9-8C1C-4CFC-984A-AEC706B431C0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{369CC55C-DE6E-48C9-8086-2DC3758DDA35}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{39376ABC-33B4-4CF2-A2FC-54CB5698AF76}C:\users\garbert\appdata\local\temp\gumf571.tmp\googleupdate.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\gumf571.tmp\googleupdate.exe |
"TCP Query User{3BC6EB6E-F924-4E2C-9190-B387F90E674D}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{3C5E34A6-5553-4C19-9C51-6605E6DE5112}C:\users\garbert\appdata\local\temp\svhostu.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\svhostu.exe |
"TCP Query User{41C4E375-E89C-47FF-97B8-D925543D1D1B}C:\users\garbert\appdata\local\temp\rarsfx0\setup.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\rarsfx0\setup.exe |
"TCP Query User{47DF1270-A967-4E63-84B6-94ED89524A89}C:\program files\avira\antivir desktop\ipmgui.exe" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\ipmgui.exe |
"TCP Query User{4899E999-EF79-4300-B04A-F519BD2254F8}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{4BFCE9DB-DA7A-4AEE-B9FB-1AAACE284BD7}C:\users\garbert\appdata\local\temp\install_reader10_de_gtba_aih[1].exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\install_reader10_de_gtba_aih[1].exe |
"TCP Query User{4D954606-1971-4AC8-94E1-A08C26D9E0E1}C:\users\garbert\appdata\local\temp\7zs4e88.tmp\setup.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\7zs4e88.tmp\setup.exe |
"TCP Query User{54FF02F7-F455-47DD-93F7-48229B66D105}C:\program files\lp\936b\0a0.exe" = protocol=6 | dir=in | app=c:\program files\lp\936b\0a0.exe |
"TCP Query User{553336A9-D2C9-4200-9A4B-3202899DA99B}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"TCP Query User{5BE5DA3B-1A7B-4A5D-B037-A66AB87A0D99}C:\users\garbert\appdata\local\google\update\googleupdate.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\google\update\googleupdate.exe |
"TCP Query User{5DE914E2-1066-44BE-8A04-9ED50957F44B}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{633EFFEB-36A1-40A4-9D32-608E48420B04}C:\users\garbert\desktop\0.9056710880911472.exe" = protocol=6 | dir=in | app=c:\users\garbert\desktop\0.9056710880911472.exe |
"TCP Query User{6997E525-02F9-4893-A185-D33B59C36064}C:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe" = protocol=6 | dir=in | app=c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe |
"TCP Query User{6DE62BAF-6686-4630-AE7A-5C738F1D20F5}C:\windows\system32\wermgr.exe" = protocol=6 | dir=in | app=c:\windows\system32\wermgr.exe |
"TCP Query User{7ED9675F-FBC2-4B5E-9F4D-24D194025F60}C:\program files\1&1\liveupdate\m2lutray.exe" = protocol=6 | dir=in | app=c:\program files\1&1\liveupdate\m2lutray.exe |
"TCP Query User{80D76B55-32C8-42D9-B8B5-5E593B60932B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{810E63DC-11B7-4DD0-A1C9-E210AA414838}C:\windows\system32\dekivrzonxusofp.exe" = protocol=6 | dir=in | app=c:\windows\system32\dekivrzonxusofp.exe |
"TCP Query User{8164DE2D-9763-49F8-BFD9-9E9E4A492441}C:\users\garbert\appdata\roaming\b4ccc\f1193.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\roaming\b4ccc\f1193.exe |
"TCP Query User{85517CB6-6F67-4DB2-8A94-E63A10D3D28E}C:\program files\adobe\reader 10.0\reader\acrord32.exe" = protocol=6 | dir=in | app=c:\program files\adobe\reader 10.0\reader\acrord32.exe |
"TCP Query User{8750EE3F-E9A9-44F2-B574-164EA91E966C}C:\windows\system32\wercon.exe" = protocol=6 | dir=in | app=c:\windows\system32\wercon.exe |
"TCP Query User{885A33DB-84E6-4BB9-A503-803DD9F9D35B}C:\program files\avira\antivir desktop\ipmgui.exe" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\ipmgui.exe |
"TCP Query User{8FDF66D5-7C3A-43C3-9DB7-54A4075F49C0}C:\users\garbert\appdata\roaming\svhostu.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\roaming\svhostu.exe |
"TCP Query User{97EFD739-4544-441B-84DF-A12A1F6C432A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{993D702D-3209-45DD-8A52-DF80759BAAAD}C:\program files\lp\936b\0a0.exe" = protocol=6 | dir=in | app=c:\program files\lp\936b\0a0.exe |
"TCP Query User{A2D6A2B5-DBFA-43E4-9650-1A1991F694E3}C:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe" = protocol=6 | dir=in | app=c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe |
"TCP Query User{A9223F05-82C9-44BE-9FAF-818320A08111}C:\users\garbert\appdata\local\temp\rarsfx0\apnstub.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\rarsfx0\apnstub.exe |
"TCP Query User{B160A99A-2AE9-43F0-A297-BAE56A404C40}C:\users\garbert\appdata\local\temp\housecall\housecall.bin" = protocol=6 | dir=in | app=c:\users\garbert\appdata\local\temp\housecall\housecall.bin |
"TCP Query User{B636DBD8-8149-457A-9597-BCEF43645133}C:\program files\pdf24\pdf24-updater.exe" = protocol=6 | dir=in | app=c:\program files\pdf24\pdf24-updater.exe |
"TCP Query User{B7191C3F-8AC1-47AE-BE2F-8EFEEA5486E8}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{B747320F-DFE8-4B83-8B51-700E00691ACF}C:\program files\windows defender\msascui.exe" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |
"TCP Query User{BAB1106F-6D22-4157-BB65-2FDB077CA2EE}C:\program files\openoffice.org 3\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files\openoffice.org 3\program\soffice.bin |
"TCP Query User{BC66BC57-BB72-4302-963A-53E1F6CAD0B6}C:\program files\avira\antivir personaledition classic\avnotify.exe" = protocol=6 | dir=in | app=c:\program files\avira\antivir personaledition classic\avnotify.exe |
"TCP Query User{BC826D6E-6E50-4B95-A708-CEE3BEC640ED}C:\program files\common files\adobe\arm\1.0\adobearm.exe" = protocol=6 | dir=in | app=c:\program files\common files\adobe\arm\1.0\adobearm.exe |
"TCP Query User{C2B44BEB-11FF-4CB5-B9D4-C495736453CD}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{C4AFF4B8-E882-45AE-9C2E-893774FF36BF}C:\program files\java\jre6\bin\jusched.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\jusched.exe |
"TCP Query User{C796A715-AE8E-4278-A7BB-7710790662C2}C:\program files\openoffice.org 3\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files\openoffice.org 3\program\soffice.bin |
"TCP Query User{CF1A22DC-3839-4A57-8DB0-11E985AC1F69}C:\program files\ccc28\lvvm.exe" = protocol=6 | dir=in | app=c:\program files\ccc28\lvvm.exe |
"TCP Query User{D0320FB1-CC32-40DC-854D-9E35C3624DDB}C:\windows\system32\wercon.exe" = protocol=6 | dir=in | app=c:\windows\system32\wercon.exe |
"TCP Query User{D790A158-9786-4DA2-AF97-C205E6E26F63}C:\program files\avira\antivir desktop\avnotify.exe" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"TCP Query User{E1CEF85D-0399-4EF6-8BF6-CCBB2505DE5A}C:\users\garbert\appdata\roaming\b4ccc\f1193.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\roaming\b4ccc\f1193.exe |
"TCP Query User{E8729F19-D3C1-4806-B0B3-61C1B11260DC}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F26BCA3E-07DE-45E2-B528-CE3A10901009}C:\program files\gmx\liveupdate\m2lutray.exe" = protocol=6 | dir=in | app=c:\program files\gmx\liveupdate\m2lutray.exe |
"TCP Query User{FA7ED1CA-0C0F-400D-B35E-E3BD65E22097}C:\program files\lp\936b\30e8.tmp" = protocol=6 | dir=in | app=c:\program files\lp\936b\30e8.tmp |
"TCP Query User{FB63F94C-8CA9-43DE-B8AF-21CB9398E5B8}C:\users\garbert\appdata\roaming\lt6ow0jc.exe" = protocol=6 | dir=in | app=c:\users\garbert\appdata\roaming\lt6ow0jc.exe |
"UDP Query User{03BB56A2-F691-4922-80EB-ABE129D06144}C:\users\garbert\appdata\roaming\b4ccc\f1193.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\roaming\b4ccc\f1193.exe |
"UDP Query User{066DDA28-CFAB-44CF-A80A-070AD5EE3B0B}C:\program files\1&1\liveupdate\m2lutray.exe" = protocol=17 | dir=in | app=c:\program files\1&1\liveupdate\m2lutray.exe |
"UDP Query User{07945749-0256-41CD-93C7-45C1623C37B1}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0A0E071F-0B0C-4CD2-863F-1ADA4E1EEBF5}C:\users\garbert\appdata\roaming\svhostu.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\roaming\svhostu.exe |
"UDP Query User{0F3A2D56-DF60-4FA7-B20E-3F6B5C197B2D}C:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe" = protocol=17 | dir=in | app=c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe |
"UDP Query User{10AABA16-6C48-4E43-B504-CA8238E1592F}C:\program files\google\google toolbar\component\googletoolbarmanager_4e7d715d860e20e1.exe" = protocol=17 | dir=in | app=c:\program files\google\google toolbar\component\googletoolbarmanager_4e7d715d860e20e1.exe |
"UDP Query User{11F11FF6-6B95-4DC3-AA5A-807503192F49}C:\program files\openoffice.org 3\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files\openoffice.org 3\program\soffice.bin |
"UDP Query User{19DCDCB8-114C-4083-A2ED-072FE3BAB175}C:\windows\system32\werfault.exe" = protocol=17 | dir=in | app=c:\windows\system32\werfault.exe |
"UDP Query User{1EC9A674-B168-498A-B784-E41ECE18FFA1}C:\program files\windows defender\msascui.exe" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |
"UDP Query User{1F4C6A05-E8B6-47F5-8E6F-7092284228B7}C:\program files\avira\antivir desktop\ipmgui.exe" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\ipmgui.exe |
"UDP Query User{20AE5BA1-4D52-4B51-8D9E-E6584C8F3753}C:\program files\java\jre6\bin\jusched.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\jusched.exe |
"UDP Query User{2997A4C4-8BE6-45FE-AF8A-871F36429985}C:\users\garbert\appdata\local\temp\googletoolbarinstaller_en32_signed.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\googletoolbarinstaller_en32_signed.exe |
"UDP Query User{2B55AA74-80D1-4DC2-9DEA-378AA82EB707}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"UDP Query User{33E082A3-DA3C-42F7-9A1D-AB1B089609EB}C:\program files\avira\antivir personaledition classic\avnotify.exe" = protocol=17 | dir=in | app=c:\program files\avira\antivir personaledition classic\avnotify.exe |
"UDP Query User{358B4DF5-95AF-4CA2-807B-31CBF0A24B17}C:\users\garbert\desktop\0.9056710880911472.exe" = protocol=17 | dir=in | app=c:\users\garbert\desktop\0.9056710880911472.exe |
"UDP Query User{39E5474C-485C-478B-B44E-A83742A1345D}C:\users\garbert\appdata\local\google\update\googleupdate.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\google\update\googleupdate.exe |
"UDP Query User{3CA5DD51-9314-4FF8-9248-281C66132F47}C:\program files\avira\antivir desktop\avnotify.exe" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe |
"UDP Query User{3DADCF2B-86A9-42B4-A909-687456098778}C:\program files\lp\936b\0a0.exe" = protocol=17 | dir=in | app=c:\program files\lp\936b\0a0.exe |
"UDP Query User{3E9F4F1C-D913-4821-9F79-75A50788C4C0}C:\program files\gmx\liveupdate\m2lutray.exe" = protocol=17 | dir=in | app=c:\program files\gmx\liveupdate\m2lutray.exe |
"UDP Query User{4A01492A-8244-4739-8796-7F2BB895E4B5}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{4B93ECEC-A7C4-45AA-B9B9-446B2514C852}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{52D0B562-B061-4BF3-A903-700F17EAD469}C:\program files\adobe\reader 10.0\reader\acrord32.exe" = protocol=17 | dir=in | app=c:\program files\adobe\reader 10.0\reader\acrord32.exe |
"UDP Query User{62CCD707-FE2B-4500-9621-A048757A8F88}C:\program files\java\jre6\bin\jucheck.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\jucheck.exe |
"UDP Query User{6E2D11ED-2464-43CF-96E0-F61055C4BA07}C:\users\garbert\appdata\local\temp\gumf571.tmp\googleupdate.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\gumf571.tmp\googleupdate.exe |
"UDP Query User{6EF1075C-D016-440A-994A-D7F94310F493}C:\program files\openoffice.org 3\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files\openoffice.org 3\program\soffice.bin |
"UDP Query User{745B33AB-5FDA-4526-8E69-5D4D30B5096A}C:\windows\system32\wermgr.exe" = protocol=17 | dir=in | app=c:\windows\system32\wermgr.exe |
"UDP Query User{7ED4E65B-A668-46DD-95BA-C2C4C003D331}C:\program files\google\update\googleupdate.exe" = protocol=17 | dir=in | app=c:\program files\google\update\googleupdate.exe |
"UDP Query User{7FC02FDF-7A8A-4731-B379-6CC42B4B9D28}C:\users\garbert\appdata\roaming\lt6ow0jc.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\roaming\lt6ow0jc.exe |
"UDP Query User{81491885-FAEF-4A9F-8133-C7068335554D}C:\users\garbert\appdata\local\google\update\googleupdate.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\google\update\googleupdate.exe |
"UDP Query User{8B784F44-1474-4087-B58F-04E1819E09D6}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{925C2950-CCFC-4F4F-9CE1-2026174EDF36}C:\program files\lp\936b\0a0.exe" = protocol=17 | dir=in | app=c:\program files\lp\936b\0a0.exe |
"UDP Query User{95572E92-9356-441F-8441-187A1FFBD409}C:\windows\system32\wercon.exe" = protocol=17 | dir=in | app=c:\windows\system32\wercon.exe |
"UDP Query User{95B56FB7-CDB1-4B41-926F-F6F91CF16FC1}C:\users\garbert\appdata\local\temp\install_reader10_de_gtba_aih[1].exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\install_reader10_de_gtba_aih[1].exe |
"UDP Query User{97B9ADC5-2352-4FB6-B531-61842F12090E}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{97EBD866-7C65-4DA8-B95D-D6EBBD193ED0}C:\windows\system32\dekivrzonxusofp.exe" = protocol=17 | dir=in | app=c:\windows\system32\dekivrzonxusofp.exe |
"UDP Query User{993730A5-24DD-4565-8904-82560A027CDC}C:\users\garbert\appdata\local\temp\housecall\housecall.bin" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\housecall\housecall.bin |
"UDP Query User{9CD84880-4743-4788-9437-133B459CEF6D}C:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe" = protocol=17 | dir=in | app=c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe |
"UDP Query User{A0A3D81F-ED5B-42C5-83E7-9ABC84298458}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{A25558F9-F6C0-48D0-9B3B-AF31D92F7D80}C:\program files\common files\adobe\arm\1.0\adobearm.exe" = protocol=17 | dir=in | app=c:\program files\common files\adobe\arm\1.0\adobearm.exe |
"UDP Query User{A2E67958-9CB2-4760-A695-7076F5380F92}C:\program files\ccc28\lvvm.exe" = protocol=17 | dir=in | app=c:\program files\ccc28\lvvm.exe |
"UDP Query User{A7B9523E-5ED9-4A90-B022-5A831A1E7A2C}C:\users\garbert\appdata\roaming\b4ccc\f1193.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\roaming\b4ccc\f1193.exe |
"UDP Query User{B2A8D85F-EF64-41FF-BC6D-FE0374394516}C:\users\garbert\appdata\local\temp\rarsfx0\setup.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\rarsfx0\setup.exe |
"UDP Query User{BBFFA4DD-4D2D-4A2D-8495-1AF112334938}C:\windows\system32\dekivrzonxusofp.exe" = protocol=17 | dir=in | app=c:\windows\system32\dekivrzonxusofp.exe |
"UDP Query User{C1B7190D-4441-4A2A-95D5-3B678615CB47}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{C59381B4-50BE-4336-BA4C-B84AABC1389C}C:\program files\1&1\liveupdate\m2lutray.exe" = protocol=17 | dir=in | app=c:\program files\1&1\liveupdate\m2lutray.exe |
"UDP Query User{C6C14200-DBC9-4620-8F1C-BD68210A77DF}C:\users\garbert\appdata\local\temp\rarsfx0\apnstub.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\rarsfx0\apnstub.exe |
"UDP Query User{C79CDBBC-BE38-4333-8F5B-B047173DBE34}C:\windows\system32\wercon.exe" = protocol=17 | dir=in | app=c:\windows\system32\wercon.exe |
"UDP Query User{CC17B17D-64D4-4E15-82FA-29909EF857C8}C:\program files\avira\antivir desktop\ipmgui.exe" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\ipmgui.exe |
"UDP Query User{D0FADD32-E64B-4816-92E1-61080CAA8BC3}C:\users\garbert\appdata\local\temp\7zs4e88.tmp\setup.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\7zs4e88.tmp\setup.exe |
"UDP Query User{D477B569-EC52-4A12-A0C1-3845DFD6E8A0}C:\users\garbert\appdata\local\temp\0.311055798381219exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\0.311055798381219exe |
"UDP Query User{D4E74CCB-813A-4D50-8AFD-C5B69CCE1C2D}C:\users\garbert\appdata\local\temp\svhostu.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\svhostu.exe |
"UDP Query User{D80A8700-3E3E-4F33-8902-8C8965708999}C:\program files\pdf24\pdf24-updater.exe" = protocol=17 | dir=in | app=c:\program files\pdf24\pdf24-updater.exe |
"UDP Query User{DB9A6DAE-D4A7-485C-8CAF-0EE6E625E553}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{DF9A7C72-7933-4997-905F-28B1DB21E6A7}C:\program files\ccc28\lvvm.exe" = protocol=17 | dir=in | app=c:\program files\ccc28\lvvm.exe |
"UDP Query User{E16C9E84-8C9A-4E01-9A84-89F48988B8AC}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{E765AEF8-88FE-4D5D-9CE1-2F1D4F7A5DA3}C:\users\garbert\appdata\local\temp\7zs2906.tmp\setup.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\local\temp\7zs2906.tmp\setup.exe |
"UDP Query User{F0E6E7D1-F099-42C1-81F8-66FAD3502CD1}C:\program files\gmx\liveupdate\m2lutray.exe" = protocol=17 | dir=in | app=c:\program files\gmx\liveupdate\m2lutray.exe |
"UDP Query User{F1F5AC40-FBD7-4111-AB7F-A1282F3D67E4}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{F3466136-5606-4FD2-8064-A38B0DEB13B9}C:\program files\lp\936b\30e8.tmp" = protocol=17 | dir=in | app=c:\program files\lp\936b\30e8.tmp |
"UDP Query User{F8630047-3477-4EF9-8FA6-F8432BF02C6A}C:\users\garbert\appdata\roaming\lt6ow0jc.exe" = protocol=17 | dir=in | app=c:\users\garbert\appdata\roaming\lt6ow0jc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016B58FA-6D8C-4EE2-B2F1-5E78628E4AD5}" = 1&1 Update
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0F5C38CB-DCA7-44E0-A654-26121331557A}" = GMX Update
"{0FE6B77F-54CD-45ED-BB64-A99477B0A8F1}" = 5600
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{2F6D47A9-D946-4472-8D25-24151AC1A3CD}" = Internet Explorer 8 1&1 Addon
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{5C97698A-FAB5-41DB-ADB0-5FCB2BC84588}" = InternetExplorer-GMX-Addon
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6803A6E6-48FF-48AB-B558-7B651BBE1031}" = Nero 8 Essentials
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.1.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B27F2F79-879F-45F9-B2B7-08EF9B95502F}" = Internet Explorer 8 1&1 Edition
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 Update" = 1&1 Update
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AgrarOfficeJKEKLZT_is1" = AO Agrar-Office 5.0.9.0
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal – Free Antivirus
"ELAN 2009 NW" = ELAN 2009 NW
"ELAN 2010 NW" = ELAN 2010 NW
"ELAN 2011 NW " = ELAN 2011 NW
"GMX Update" = GMX Update
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Internet Explorer 8 1&1 Addon" = Internet Explorer 8 1&1 Addon
"Internet Explorer 8 1&1 Edition" = Internet Explorer 8 1&1 Edition
"InternetExplorer-GMX-Addon" = InternetExplorer-GMX-Addon
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"TeamViewer 4" = TeamViewer 4
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.10.2011 01:39:40 | Computer Name = Garbert-PC | Source = WerSvc | ID = 5007
Description =
Error - 27.10.2011 01:41:11 | Computer Name = Garbert-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel
0x4549adc4, fehlerhaftes Modul Flash10c.ocx, Version 10.0.32.18, Zeitstempel 0x4a613d79,
Ausnahmecode 0xc0000005, Fehleroffset 0x000dea73, Prozess-ID 0x220, Anwendungsstartzeit
01cc946af0e299bb.
Error - 27.10.2011 01:41:34 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3012
Description =
Error - 27.10.2011 01:41:35 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3012
Description =
Error - 27.10.2011 01:41:35 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3011
Description =
Error - 27.10.2011 02:09:07 | Computer Name = Garbert-PC | Source = EventSystem | ID = 4609
Description =
Error - 27.10.2011 02:15:15 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3012
Description =
Error - 27.10.2011 02:15:15 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3012
Description =
Error - 27.10.2011 02:15:15 | Computer Name = Garbert-PC | Source = LoadPerf | ID = 3011
Description =
Error - 27.10.2011 02:34:44 | Computer Name = Garbert-PC | Source = System Restore | ID = 8193
Description =
[ System Events ]
Error - 27.10.2011 02:09:01 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:04 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:05 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:07 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:09 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:13 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:23 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
Error - 27.10.2011 02:09:59 | Computer Name = Garbert-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 27.10.2011 02:09:59 | Computer Name = Garbert-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 27.10.2011 02:18:06 | Computer Name = Garbert-PC | Source = DCOM | ID = 10005
Description =
< End of report > --- --- --- |