Erfolgsmeldung Nr. 2 :applaus:
Toll, wenn mal was funktioniert .... :singsing:
OTL scannt gerade ....
Files folgen in Kürze
(habe wieder 60 Tage gewählt, weil ich den Trojaner jetzt so um die 30 Tage drauf habe). So, hier jetzt das Update mit den Logfiles: Zitat:
Computer Name: ACER-LAPTOP | User Name: Admin | Logged in as Administrator.
| OTL logfile (60 Tage) Code:
OTL logfile created on: 11.05.2013 00:27:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop\Schritt 2 OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,36 Mb Total Physical Memory | 350,39 Mb Available Physical Memory | 34,54% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,36% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,33 Gb Total Space | 5,66 Gb Free Space | 7,94% Space Free | Partition Type: NTFS
Drive D: | 71,84 Gb Total Space | 19,58 Gb Free Space | 27,25% Space Free | Partition Type: FAT32
Computer Name: ACER-LAPTOP | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Admin\Desktop\Schritt 2 OTL\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\Kids\az6-1.launcher.exe ()
PRC - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\jre1.6.0\bin\java.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
PRC - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\derby\wrapper.exe ()
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
PRC - C:\WINDOWS\vsnpstd3.exe ()
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2ae42fd7\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_97e900cf\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_d8fb7d05\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_d8985eb5\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_3842bc82\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll ()
MOD - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\Kids\az6-1.launcher.exe ()
MOD - C:\WINDOWS\system32\preflib.dll ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
MOD - C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
MOD - C:\Acer\Empowering Technology\eSettings\CPUID.dll ()
MOD - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\derby\wrapper.exe ()
MOD - C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\derby\wrapper.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MOD - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
MOD - c:\Acer\Empowering Technology\eDataSecurity\eDSCS2CClassLib.dll ()
MOD - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll ()
MOD - C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll ()
MOD - C:\WINDOWS\vsnpstd3.exe ()
MOD - C:\Acer\Empowering Technology\eRecovery\it41.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Teleca Shared\boost_log-vc71-mt-1_33.dll ()
MOD - C:\Acer\Empowering Technology\eRecovery\imagefile.dll ()
MOD - C:\Acer\Empowering Technology\ePower\DialogDLL.dll ()
MOD - C:\Acer\Empowering Technology\ePower\SysHook.dll ()
MOD - C:\Programme\Launch Manager\PowerUtl.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
========== Services (SafeList) ==========
SRV - (CLTNetCnService) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe /h ccCommon File not found
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (Start BT in service) -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
SRV - (derby) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\derby\wrapper.exe ()
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (hwusbfake) -- system32\DRIVERS\ewusbfake.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (ewusbnet) -- system32\DRIVERS\ewusbnet.sys File not found
DRV - (Changer) -- File not found
DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dgderdrv) -- C:\WINDOWS\system32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\WINDOWS\system32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (androidusb) -- C:\WINDOWS\system32\drivers\ssadadb.sys (Google Inc)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys (Acer, Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corp.)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (s116unic) -- C:\WINDOWS\system32\drivers\s116unic.sys (MCCI Corporation)
DRV - (s116obex) -- C:\WINDOWS\system32\drivers\s116obex.sys (MCCI Corporation)
DRV - (s116nd5) -- C:\WINDOWS\system32\drivers\s116nd5.sys (MCCI Corporation)
DRV - (s116mgmt) -- C:\WINDOWS\system32\drivers\s116mgmt.sys (MCCI Corporation)
DRV - (s116mdm) -- C:\WINDOWS\system32\drivers\s116mdm.sys (MCCI Corporation)
DRV - (s116mdfl) -- C:\WINDOWS\system32\drivers\s116mdfl.sys (MCCI Corporation)
DRV - (s116bus) -- C:\WINDOWS\system32\drivers\s116bus.sys (MCCI Corporation)
DRV - (BT) -- C:\WINDOWS\system32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (VHidMinidrv) -- C:\WINDOWS\system32\drivers\VHIDMini.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\WINDOWS\system32\drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (se27unic) -- C:\WINDOWS\system32\drivers\se27unic.sys (MCCI)
DRV - (SE27obex) -- C:\WINDOWS\system32\drivers\SE27obex.sys (MCCI)
DRV - (se27nd5) -- C:\WINDOWS\system32\drivers\se27nd5.sys (MCCI)
DRV - (SE27mgmt) -- C:\WINDOWS\system32\drivers\SE27mgmt.sys (MCCI)
DRV - (SE27mdm) -- C:\WINDOWS\system32\drivers\SE27mdm.sys (MCCI)
DRV - (SE27mdfl) -- C:\WINDOWS\system32\drivers\SE27mdfl.sys (MCCI)
DRV - (SE27bus) -- C:\WINDOWS\system32\drivers\SE27bus.sys (MCCI)
DRV - (int15.sys) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (Ca533av) -- C:\WINDOWS\system32\drivers\Ca533av.sys (Digital Camera)
DRV - (USBCamera) -- C:\WINDOWS\system32\drivers\Bulk533.sys (USB BULK)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ebay.de/
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\..\SearchScopes,DefaultScope = {21B87A7E-CDF4-46F5-9CD0-2DBDB4E0F98C}
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\..\SearchScopes\{21B87A7E-CDF4-46F5-9CD0-2DBDB4E0F98C}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2004.08.04 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\..\Toolbar\WebBrowser: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe File not found
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AZ 6-1.launcher.kids.lnk = C:\Dokumente und Einstellungen\Anwender\Desktop\Nadine Grundschule\AZ 6-1\Kids\az6-1.launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\phase-6 Reminder.lnk = C:\Programme\phase-6\phase-6\reminder\reminder.exe (phase-6)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-558968738-4057579624-2930823220-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www3.snapfish.de/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/30.66/uploader2.cab (UploadListView Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {AC3FC1E2-26B3-46E5-8EC2-B1D5E4C90331} hxxp://www.microseven.com/hrctech/front/CameraOCX.cab (CameraOCX Control)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://217.91.155.3:2250/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{342C4028-4608-4654-9639-67ABEC754DE0}: DhcpNameServer = 195.182.110.132 62.134.11.4
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2013.05.11 00:24:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\.az61.sound
[2013.05.11 00:24:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\.az61
[2013.05.11 00:23:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Startmenü\Programme\CyberLink PowerDVD
[2013.05.08 12:27:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\Schritt 2 OTL
[2013.05.08 12:27:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Temp
[2013.04.16 22:38:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hvxi
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2013.05.11 00:33:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DE629F5D-64E1-4DDE-B3E4-D66254841F57}.job
[2013.05.11 00:24:09 | 000,001,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AZ 6-1.launcher.kids.lnk
[2013.05.11 00:23:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.11 00:23:12 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.10 23:33:50 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.08 14:36:00 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\DriverBoost-RTMUpdater.job
[2013.05.08 12:27:06 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.08 12:21:15 | 000,159,954 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Trojaner-Board.JPG
[2013.04.17 00:23:20 | 000,031,229 | ---- | M] () -- C:\WINDOWS\hit.pir
[2013.04.17 00:20:56 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.04.16 23:50:40 | 000,061,564 | ---- | M] () -- C:\WINDOWS\gkj.xar
[2013.04.16 23:05:06 | 000,069,674 | ---- | M] () -- C:\WINDOWS\njgmzk.yvc
[2013.04.16 23:04:25 | 000,031,092 | ---- | M] () -- C:\WINDOWS\cjtbphe.ufq
[2013.04.16 22:42:30 | 000,101,089 | ---- | M] () -- C:\WINDOWS\htr.ivo
[2013.04.16 22:38:38 | 000,243,622 | ---- | M] () -- C:\WINDOWS\zkkv.fnk
[2013.04.16 22:36:46 | 000,211,604 | ---- | M] () -- C:\WINDOWS\larnas.vyk
[2013.04.13 08:52:56 | 000,532,548 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.13 08:52:56 | 000,098,706 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.13 08:52:55 | 000,564,920 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.13 08:52:55 | 000,120,612 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.02 09:25:06 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\DriverBoost-RTMScan.job
[2013.04.02 08:23:06 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\DriverBoost-RTMRules.job
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.11 00:23:12 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2013.05.08 12:21:15 | 000,159,954 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Trojaner-Board.JPG
[2013.04.16 23:04:37 | 000,069,674 | ---- | C] () -- C:\WINDOWS\njgmzk.yvc
[2013.04.16 22:42:16 | 000,101,089 | ---- | C] () -- C:\WINDOWS\htr.ivo
[2013.04.16 22:42:16 | 000,031,092 | ---- | C] () -- C:\WINDOWS\cjtbphe.ufq
[2013.04.16 22:38:38 | 000,243,622 | ---- | C] () -- C:\WINDOWS\zkkv.fnk
[2013.04.16 22:36:48 | 000,031,229 | ---- | C] () -- C:\WINDOWS\hit.pir
[2013.04.16 22:36:46 | 000,211,604 | ---- | C] () -- C:\WINDOWS\larnas.vyk
[2013.04.16 22:35:33 | 000,061,564 | ---- | C] () -- C:\WINDOWS\gkj.xar
[2012.06.17 23:55:33 | 000,154,104 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2012.06.17 23:55:33 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2012.06.17 23:48:09 | 000,154,121 | ---- | C] () -- C:\WINDOWS\hpoins21.dat.temp
[2012.06.17 23:48:09 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat.temp
[2011.07.01 02:51:38 | 000,434,416 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.06.16 22:58:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.06.16 03:18:03 | 001,300,918 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-558968738-4057579624-2930823220-1008-0.dat
[2011.06.11 12:05:39 | 000,319,662 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2009.10.20 22:31:08 | 000,008,628 | -H-- | C] () -- C:\Programme\Gemeinsame Dateien\Fontinfo.GID
[2008.05.24 15:23:04 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.24 08:22:50 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2007.08.10 12:40:42 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.02.16 10:59:29 | 001,494,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:00:58 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.04 05:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
OTL Extras logfile (60 Tage) Code:
OTL Extras logfile created on: 11.05.2013 00:27:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop\Schritt 2 OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,36 Mb Total Physical Memory | 350,39 Mb Available Physical Memory | 34,54% Memory free
2,38 Gb Paging File | 1,70 Gb Available in Paging File | 71,36% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 71,33 Gb Total Space | 5,66 Gb Free Space | 7,94% Space Free | Partition Type: NTFS
Drive D: | 71,84 Gb Total Space | 19,58 Gb Free Space | 27,25% Space Free | Partition Type: FAT32
Computer Name: ACER-LAPTOP | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\Videoplayer\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Eigene Programme\dm Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [dm Fotowelt] -- "C:\Eigene Programme\dm Fotowelt\dm Fotowelt.exe" "%1" ()
Directory [dm-Fotowelt] -- "C:\Eigene Programme\dm Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\Videoplayer\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Phoner lite 147\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Phoner lite 147\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"G:\Phoner-Lite\PhonerLite.exe" = G:\Phoner-Lite\PhonerLite.exe:*:Enabled:VoIP Softphone
"C:\Dokumente und Einstellungen\Anwender\Desktop\OTRs\APWizard-German.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\OTRs\APWizard-German.exe:*:Enabled:EZmax Wizard
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\Unified Remote\RemoteServer.exe" = C:\Programme\Unified Remote\RemoteServer.exe:*:Enabled:Unified Remote -- (Unified Remote)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner lite132\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner lite132\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner lite147\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner lite147\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-Lite141\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-Lite141\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite144\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite144\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite184\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite184\PhonerLite.exe:*:Enabled:VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite191\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite191\PhonerLite.exe:*:Enabled:PhonerLite VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite195\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite195\PhonerLite.exe:*:Enabled:PhonerLite VoIP Softphone -- (Heiko Sommerfeldt)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Temp\7zS495B\setup\HPZnui01.exe" = C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Temp\7zS495B\setup\HPZnui01.exe:*:Enabled:hpznui01.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite207\PhonerLite.exe" = C:\Dokumente und Einstellungen\Anwender\Desktop\Daten\Phoner Lite\Phoner-lite207\PhonerLite.exe:*:Enabled:PhonerLite VoIP Softphone -- (Heiko Sommerfeldt)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{044E78D2-8F54-4F6F-AD2B-A122F8111EDB}" = DriverBoost
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0F2AF8BE-03A3-4845-81A2-9C9B3CCAE605}" = WGW Heimat- und Sachkunde 1 und 2
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{153F839F-0A63-41D8-890F-7324C0E13743}" = Broadcom Driver v4.170.25.12_Foxconn Installation Program
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6ABA8CC0-E3DE-4434-A7C7-180E153429B4}" = Unified Remote
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{86D3D561-D1FD-4d57-8395-20030467E0F9}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{8E17C794-618A-4258-B817-5C81821B0CCA}" = WGW Heimat- und Sachkunde 3 und 4
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{B9A17C96-1348-45CB-BB0A-1BCB3A0F854E}" = Bluesoleil2.7.0.35 VoIP Release 080317
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D47F8150-0A94-416D-8A59-0A2E9B9D6773}" = MediaXW
"{D4CB7852-8308-4BBB-AF7D-48F073B58507}" = Digital Cam
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{EABE970D-5025-4F24-9727-240742AC8A98}" = BilliBanni Vorschule Weiche Landung in Ballonien!
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = USB PC Camera-168
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"AZ 6-1.kids" = AZ 6-1.kids (remove only)
"Broadcom 802.11 Application" = Broadcom Wireless-Dienstprogramm
"Broadcom 802.11b Network Adapter" = Broadcom 802.11-WLAN-Adapter
"Business Contact Manager für Outlook 2007" = Business Contact Manager für Outlook 2007
"Casino Tropez" = Casino Tropez
"casinoshare" = Casino Share
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"dm Fotowelt" = dm Fotowelt
"dm-Fotowelt" = dm-Fotowelt
"Etiketten professionell" = Etiketten professionell
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Infothek kompakt" = Infothek kompakt
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.0.4088
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IPCameraDSFilter" = IP Camera DS Filter
"Lern-Karteikasten Englisch Grundschule" = Lern-Karteikasten Englisch Grundschule
"Lern-Karteikasten Mathe ab Klasse 2" = Lern-Karteikasten Mathe ab Klasse 2
"LManager" = Launch Manager
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC-Kids Mathematik 2_is1" = PC-Kids Mathematik 2
"phase-6" = phase-6 2.3.2
"PROHYBRIDR" = 2007 Microsoft Office system
"Ravensburger tiptoi" = Ravensburger tiptoi
"Schlaumäuse 2_is1" = Schlaumäuse 2
"Schulschriften" = Schulschriften
"SolveigMM AVI Trimmer" = SolveigMM AVI Trimmer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"tulox-Demo" = tulox (Demoversion)
"VLC media player" = VLC media player 1.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar mit Pop-Up-Blocker
"Yahoo! Toolbar" = Yahoo! Toolbar
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 16.04.2013 16:53:13 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 16.04.2013 16:55:31 | Computer Name = ACER-LAPTOP | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 16.04.2013 16:58:34 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 16.04.2013 16:58:37 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 08.05.2013 02:26:31 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 08.05.2013 02:26:32 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 10.05.2013 17:37:32 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 10.05.2013 17:37:32 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 10.05.2013 18:23:41 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 10.05.2013 18:23:42 | Computer Name = ACER-LAPTOP | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
[ OSession Events ]
Error - 15.07.2012 15:09:03 | Computer Name = ACER-LAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18295
seconds with 3420 seconds of active time. This session ended with a crash.
Error - 14.01.2013 19:52:58 | Computer Name = ACER-LAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29588
seconds with 5280 seconds of active time. This session ended with a crash.
Error - 15.04.2013 06:42:53 | Computer Name = ACER-LAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6300
seconds with 780 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10.05.2013 17:41:17 | Computer Name = ACER-LAPTOP | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek USB Device nicht laden.
Error - 10.05.2013 17:41:22 | Computer Name = ACER-LAPTOP | Source = Wechselmediendienst | ID = 262255
Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der
Bibliothek USB Device nicht laden.
Error - 10.05.2013 18:00:58 | Computer Name = ACER-LAPTOP | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 10.05.2013 18:01:34 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DHCP-Client" ist vom Dienst "NetBios über TCP/IP" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 10.05.2013 18:01:34 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 10.05.2013 18:01:34 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 10.05.2013 18:01:34 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 10.05.2013 18:01:34 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD avgio avipbb Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv Tcpip
Error - 10.05.2013 18:21:57 | Computer Name = ACER-LAPTOP | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 10.05.2013 18:23:38 | Computer Name = ACER-LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WWL 401 Video Camera Device" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
< End of report >
|
GMER herunter: (Dateiname zufällig) 
Tauchen Probleme auf? 
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.