| monika.de | 10.07.2013 08:06 |
GMER-Scan stoppt mit "Kein Datenträger"
Guten Tag,
eigentlich bin ich noch bei der Vorbereitung zu meinem eigentlich Posting, habe aber jetzt das Problem, dass der Scan mit GMER ein Pop-Up-Fenster produziert mit der Meldung: "Es befindet sich kein Datenträger im Laufwerk. Legen Sie einen Datenträger in Laufwerk \Device\Harddisk1\DR1 ein." Die vorgegebenen Buttons "Abbrechen" "Wiederholen" und "Weiter" führen auch nicht weiter, das Pop-Up-Fenster bleibt offen.
Was kann ich tun?
Ich habe nicht viel Ahnung, habe bisher Eure Schritt-für Schritt-Anleitung befolgt, weil sich auf meinem Laptop vermutlich ein Virus befindet (Meldung "Ein kritischer Fehler ist aufgetreten, Windows wird in einer Minute neu gestartet").
Auf meinem Gerät läuft Win7-32bit, Virenscanner SophosAV. Ich benutze das System seit etwa drei Jahren bislang ohne Probleme. Aufgefallen ist mir, als die Meldung auftauchte, dass im Virenscanner die Auto-Update-Funktion (normalerweise alle 60 min, sowie beim Systemstart) deaktiviert war.
Die Logs von OTL:
OTL.txt Code:
OTL logfile created on: 7/9/2013 10:22:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monika\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.75 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 53.08% Memory free
3.50 Gb Paging File | 2.53 Gb Available in Paging File | 72.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 32.27 Gb Free Space | 32.27% Space Free | Partition Type: NTFS
Drive D: | 122.87 Gb Total Space | 31.90 Gb Free Space | 25.96% Space Free | Partition Type: NTFS
Computer Name: ZWERG | User Name: Monika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/07/09 15:28:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
PRC - [2012/12/07 17:10:36 | 002,869,824 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2012/12/07 17:10:32 | 000,216,640 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/12 12:41:41 | 000,900,160 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\AutoUpdate\ALMon.exe
PRC - [2012/08/12 12:41:39 | 000,232,512 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
PRC - [2012/07/26 22:09:40 | 000,150,552 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe
PRC - [2012/07/26 22:09:40 | 000,089,112 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe
PRC - [2012/07/26 22:07:12 | 000,357,400 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
PRC - [2012/07/26 22:06:44 | 000,139,840 | ---- | M] (Sophos Limited) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2011/03/02 17:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files\GNU\GnuPG\dirmngr.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/06/23 19:17:06 | 000,197,632 | ---- | M] (Evoluent) -- C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/10/17 07:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2009/10/07 18:11:20 | 000,283,648 | ---- | M] (ASUSTek) -- C:\Program Files\ASUS\DigitalZoomControl\DigitalZoomControl.exe
PRC - [2009/09/25 15:38:16 | 000,312,784 | ---- | M] () -- C:\Program Files\XSManager\WTGService.exe
PRC - [2009/09/17 18:37:48 | 000,157,968 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
PRC - [2009/09/17 18:37:04 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\service4g.exe
PRC - [2009/09/11 20:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2009/09/09 20:15:12 | 000,413,688 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2009/08/28 00:38:28 | 000,803,304 | ---- | M] () -- C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
PRC - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009/08/03 01:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/07/20 11:47:14 | 000,083,240 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
PRC - [2009/01/30 00:11:32 | 000,052,392 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files\VirtualCloneDrive\VCDDaemon.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2009/09/15 15:30:42 | 000,376,832 | ---- | M] () -- C:\Program Files\ASUS\DigitalZoomControl\SMIUtility.dll
MOD - [2006/01/12 21:20:26 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.deu
MOD - [2006/01/12 21:13:46 | 000,019,968 | ---- | M] () -- C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.FRA
========== Services (SafeList) ==========
SRV - [2013/07/03 09:58:26 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/15 18:54:40 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/07 17:10:36 | 002,869,824 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2012/12/07 17:10:32 | 000,216,640 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2012/12/07 17:10:24 | 001,459,264 | ---- | M] (Sophos Limited) [Auto | Stopped] -- C:\ProgramData\Sophos\Web Intelligence\swi_update.exe -- (swi_update)
SRV - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/12 12:41:39 | 000,232,512 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2012/07/26 22:09:40 | 000,150,552 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe -- (Sophos Client Firewall Manager)
SRV - [2012/07/26 22:09:40 | 000,089,112 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe -- (Sophos Client Firewall)
SRV - [2012/07/26 22:07:12 | 000,357,400 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe -- (Sophos Web Control Service)
SRV - [2012/07/26 22:06:44 | 000,139,840 | ---- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2011/03/02 17:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/09/25 15:38:16 | 000,312,784 | ---- | M] () [Auto | Running] -- C:\Program Files\XSManager\WTGService.exe -- (WTGService)
SRV - [2009/09/17 18:37:04 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto | Running] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2009/08/19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009/08/03 01:05:24 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/07/14 03:15:36 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2005/04/06 17:53:02 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\archlp.sys -- (archlp)
DRV - [2013/02/18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/02/15 09:34:08 | 000,105,728 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV - [2012/07/26 22:09:30 | 000,045,856 | ---- | M] (Sophos Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\scfndis.sys -- (scfndis)
DRV - [2012/07/26 22:09:21 | 000,088,352 | ---- | M] (Sophos Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\scfdriver.sys -- (scfdriver)
DRV - [2012/07/26 22:07:32 | 000,033,696 | ---- | M] (Sophos Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sdcfilter.sys -- (sdcfilter)
DRV - [2012/07/26 22:07:25 | 000,123,680 | ---- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\System32\drivers\savonaccess.sys -- (SAVOnAccess)
DRV - [2012/07/26 22:06:59 | 000,031,736 | ---- | M] (Sophos Plc) [Kernel | System | Running] -- C:\Windows\System32\drivers\skmscan.sys -- (SKMScan)
DRV - [2010/11/23 15:25:52 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/10/21 15:49:50 | 000,022,536 | ---- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV - [2010/07/07 18:18:56 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/06/23 19:17:06 | 000,022,712 | ---- | M] (Evoluent) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EvoMouseDriverFilterHidUsb.sys -- (EvoMouseDriverFilterHidUsb)
DRV - [2010/06/23 19:17:04 | 000,020,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EvoMouseDriverMini.sys -- (EvoMouseDriverMini)
DRV - [2010/05/13 14:42:44 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/01/29 02:46:18 | 000,997,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009/11/19 15:32:02 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/11/13 09:47:50 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/08/06 11:16:00 | 009,824,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/06 04:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009/07/01 06:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/06/28 18:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/04/09 13:38:30 | 000,110,592 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009/04/09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009/04/09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/04/09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/04/09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/04/09 13:38:30 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008/10/31 16:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2002/04/02 16:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cvspydr2.sys -- (cvspydr2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: %7B1ced4832-f06e-413f-aa14-9eb63ad40ace%7D:1.0.2
FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.9
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.9.6
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.2.3
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {1ced4832-f06e-413f-aa14-9eb63ad40ace}:1.0.2
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: https-everywhere@eff.org:0.9.5
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\Monika\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Firefox\components [2013/07/03 09:58:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013/07/03 09:58:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Program Files\Thunderbird\components [2013/06/26 14:31:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Program Files\Thunderbird\plugins
[2010/02/07 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions
[2010/02/07 21:01:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/07/03 15:37:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions
[2012/11/30 22:14:14 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/02/07 21:59:05 | 000,000,000 | ---D | M] (Nuke Anything Enhanced) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions\{1ced4832-f06e-413f-aa14-9eb63ad40ace}
[2012/08/02 08:28:21 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2013/06/29 22:59:27 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions\firefox@ghostery.com
[2013/06/29 22:59:13 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Monika\AppData\Roaming\mozilla\Firefox\Profiles\vv20jxw2.default\extensions\https-everywhere@eff.org
[2012/01/20 20:27:14 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2013/07/03 15:37:13 | 000,534,371 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/05/06 19:35:05 | 001,360,435 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2013/05/10 16:01:39 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/01/22 23:23:09 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013/05/23 18:39:15 | 000,269,448 | ---- | M] () (No name found) -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011/05/15 17:29:23 | 000,002,206 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\googlede-bildersuche.xml
[2012/04/05 20:13:17 | 000,001,729 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\linguee-de-en.xml
[2013/07/08 09:10:23 | 000,001,853 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\metager2.xml
[2013/06/18 16:18:18 | 000,000,713 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\openstreetmap-wiki-en.xml
[2011/04/12 16:14:40 | 000,002,160 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\startpage-https.xml
[2012/01/20 20:28:38 | 000,001,312 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\mozilla\firefox\profiles\vv20jxw2.default\searchplugins\yandex.xml
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ArcSoft Video Helper) - {4E18E9A4-95B3-4F8B-AE3B-AB7478DE92EE} - C:\PROGRA~1\ArcSoft\TOTALM~1\codec\ArcIEVideoUp.dll (ArcSoft Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DigitalZoomControl] C:\Program Files\ASUS\DigitalZoomControl\DigitalZoomControl.exe (ASUSTek)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [OOBESetup] C:\Program Files\asus\OOBERegBackup\OOBERegBackup.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [DeskDriveStartup] C:\Program Files\Desk Drive\DeskDrive.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll (Sophos Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C7F9BFB-7B5C-4CD9-A012-29F01DBBCB56}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9338612-FEEF-495A-9F36-4BA038B26BFE}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{021cb6f4-bc1a-11df-a795-e0cb4e65b84e}\Shell - "" = AutoRun
O33 - MountPoints2\{021cb6f4-bc1a-11df-a795-e0cb4e65b84e}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup\blank.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/07/09 22:10:11 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board-Dateien
[2013/07/09 15:28:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2013/07/03 09:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Firefox
[2013/07/02 11:07:05 | 000,000,000 | ---D | C] -- D:\Audio\Musik\Noten\Documents\Meine Paletten
[2013/06/29 21:53:42 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\Apple Computer
[2013/06/26 14:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\Thunderbird
[2013/06/26 13:48:18 | 000,000,000 | ---D | C] -- C:\Users\Monika\Neuer Ordner
[2013/06/26 13:45:36 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents
[2013/06/13 23:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/06/10 19:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6
========== Files - Modified Within 30 Days ==========
[2013/07/09 22:21:42 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/09 22:21:42 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/09 22:14:10 | 000,000,022 | ---- | M] () -- C:\windows\S.dirmngr
[2013/07/09 22:14:00 | 000,000,142 | ---- | M] () -- C:\windows\ODBC.INI
[2013/07/09 22:13:20 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/09 22:13:14 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/09 22:11:43 | 000,000,020 | ---- | M] () -- C:\Users\Monika\defogger_reenable
[2013/07/09 22:10:14 | 000,074,574 | ---- | M] () -- C:\Users\Monika\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm
[2013/07/09 15:32:24 | 000,000,269 | ---- | M] () -- C:\Users\Monika\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
[2013/07/09 15:29:46 | 000,377,856 | ---- | M] () -- C:\Users\Monika\Desktop\gmer_2.1.19163.exe
[2013/07/09 15:28:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2013/07/09 15:17:54 | 000,050,477 | ---- | M] () -- C:\Users\Monika\Desktop\Defogger.exe
[2013/07/08 12:22:25 | 000,697,082 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/07/08 12:22:25 | 000,652,360 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/07/08 12:22:25 | 000,148,346 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/07/08 12:22:25 | 000,121,292 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/06/27 21:47:06 | 000,137,188 | ---- | M] () -- C:\Users\Monika\Desktop\GPS 2013-06-23.gdb
[2013/06/27 20:40:56 | 001,433,536 | ---- | M] () -- C:\Users\Monika\Desktop\GPS 2013-06-23.gpx
[2013/06/26 07:46:36 | 000,748,064 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/06/19 10:58:13 | 000,124,817 | ---- | M] () -- C:\Users\Monika\Desktop\osmfilter.exe
[2013/06/19 10:04:39 | 387,674,571 | ---- | M] () -- C:\Users\Monika\Desktop\africa-latest.osm.pbf
[2013/06/19 09:54:08 | 000,283,889 | ---- | M] () -- C:\Users\Monika\Desktop\osmconvert.exe
[2013/06/17 17:13:43 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/06/10 19:38:15 | 000,001,115 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
========== Files Created - No Company Name ==========
[2013/07/09 22:14:09 | 000,000,022 | ---- | C] () -- C:\windows\S.dirmngr
[2013/07/09 22:10:41 | 000,000,020 | ---- | C] () -- C:\Users\Monika\defogger_reenable
[2013/07/09 22:10:10 | 000,074,574 | ---- | C] () -- C:\Users\Monika\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm
[2013/07/09 15:32:24 | 000,000,269 | ---- | C] () -- C:\Users\Monika\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.URL
[2013/07/09 15:29:35 | 000,377,856 | ---- | C] () -- C:\Users\Monika\Desktop\gmer_2.1.19163.exe
[2013/07/09 15:17:44 | 000,050,477 | ---- | C] () -- C:\Users\Monika\Desktop\Defogger.exe
[2013/06/27 20:40:52 | 001,433,536 | ---- | C] () -- C:\Users\Monika\Desktop\GPS 2013-06-23.gpx
[2013/06/23 11:06:00 | 000,137,188 | ---- | C] () -- C:\Users\Monika\Desktop\GPS 2013-06-23.gdb
[2013/06/19 10:58:00 | 000,124,817 | ---- | C] () -- C:\Users\Monika\Desktop\osmfilter.exe
[2013/06/19 09:56:11 | 387,674,571 | ---- | C] () -- C:\Users\Monika\Desktop\africa-latest.osm.pbf
[2013/06/19 09:54:07 | 000,283,889 | ---- | C] () -- C:\Users\Monika\Desktop\osmconvert.exe
[2013/05/29 10:07:23 | 000,000,218 | ---- | C] () -- C:\Users\Monika\.recently-used.xbel
[2013/05/26 14:21:30 | 000,001,211 | ---- | C] () -- C:\Users\Monika\Letzte Sitzung Monika.prj
[2013/05/10 16:13:47 | 000,012,124 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\gcstar.zip
[2013/03/21 20:27:13 | 000,765,952 | ---- | C] () -- C:\windows\System32\xvidcore.dll
[2013/03/21 20:27:12 | 000,180,224 | ---- | C] () -- C:\windows\System32\xvidvfw.dll
[2012/09/25 15:58:03 | 000,000,724 | ---- | C] () -- C:\windows\wacam.ini
[2012/04/09 16:02:48 | 000,000,809 | ---- | C] () -- C:\windows\WININIT.INI
[2012/04/09 15:54:58 | 000,000,892 | ---- | C] () -- C:\windows\ODBCINST.INI
[2012/01/04 16:03:33 | 000,019,968 | ---- | C] () -- C:\windows\System32\sha1sum.exe
[2011/12/13 17:43:02 | 000,212,992 | ---- | C] () -- C:\windows\System32\Bot.dll
[2011/11/07 19:15:28 | 000,018,944 | ---- | C] ( ) -- C:\windows\System32\IMPLODE.DLL
[2011/11/07 19:15:22 | 000,210,944 | ---- | C] () -- C:\windows\System32\Msvcrt10.dll
[2011/07/19 18:35:48 | 000,003,584 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/18 18:21:06 | 000,020,000 | -H-- | C] () -- C:\ProgramData\R49LW
[2010/10/05 19:23:06 | 000,001,156 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\wklnhst.dat
[2010/06/30 17:09:45 | 000,000,600 | ---- | C] () -- C:\Users\Monika\AppData\Local\PUTTY.RND
[2010/05/04 20:49:03 | 000,007,609 | ---- | C] () -- C:\Users\Monika\AppData\Local\Resmon.ResmonCfg
[2010/05/02 09:54:00 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/22 15:23:25 | 000,000,600 | ---- | C] () -- C:\Users\Monika\PUTTY.RND
[2010/02/14 08:58:57 | 000,022,927 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\UserTile.png
[2009/10/10 00:54:20 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ==========
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/02/27 17:48:17 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\anpo.republika.pl
[2010/02/23 18:09:48 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Asus WebStorage
[2012/08/13 18:56:33 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Avery
[2010/12/21 17:37:04 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Canneverbe Limited
[2010/03/15 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Canon
[2011/01/20 21:12:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\capella-software
[2012/11/02 15:16:50 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\ComponentLib
[2013/02/10 23:22:09 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Cool Record Edit Pro
[2013/04/09 18:22:27 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\elsterformular
[2010/04/05 20:55:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\ESRI
[2010/02/28 21:41:30 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\EurekaLog
[2013/07/02 17:26:10 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\FileZilla
[2010/02/27 17:40:44 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\fltk.org
[2010/11/01 16:10:54 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Free Sound Recorder
[2012/05/03 21:21:33 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GARMIN
[2013/05/10 17:04:27 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gcstar
[2011/10/14 22:05:46 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GNU Solfege
[2013/02/28 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gnupg
[2013/05/06 20:13:35 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GRASS6
[2013/05/28 21:31:48 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\GSAK
[2013/05/29 09:04:39 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\gtk-2.0
[2012/11/02 15:16:50 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\HomeCollection
[2011/02/26 23:57:43 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\ImgBurn
[2010/05/12 21:42:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\InfraRecorder
[2011/10/16 12:15:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\IrfanView
[2013/07/08 21:14:43 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\JOSM
[2011/07/18 18:21:07 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Lasersoft Imaging
[2010/11/04 23:34:36 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Mp3tag
[2012/04/05 19:26:23 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\MusE
[2011/10/26 21:14:38 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\OpenOffice.org
[2011/07/24 12:35:49 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Opera
[2011/08/02 17:07:28 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Phase6
[2012/11/02 14:23:00 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\qupil
[2010/03/02 20:30:37 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Spesoft Audio Converter
[2011/10/25 22:30:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\StarOffice8
[2010/07/16 21:37:22 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Sync App Settings
[2010/10/05 19:23:16 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Template
[2010/02/07 21:01:30 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Thunderbird
[2010/09/14 22:18:55 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Vodafone
[2010/03/10 23:03:18 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\VoiceCommand
[2013/07/02 17:36:57 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\XnView
[2011/08/07 18:49:42 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\XSManager
[2010/10/19 15:50:42 | 000,000,000 | -H-D | M] -- C:\Users\Monika\AppData\Roaming\_SYNCAPP
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:63238B95
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:5F64C164
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B606BA34
< End of report >
Extras.txt Code:
OTL Extras logfile created on: 7/9/2013 10:22:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monika\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.75 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 53.08% Memory free
3.50 Gb Paging File | 2.53 Gb Available in Paging File | 72.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 32.27 Gb Free Space | 32.27% Space Free | Partition Type: NTFS
Drive D: | 122.87 Gb Total Space | 31.90 Gb Free Space | 25.96% Space Free | Partition Type: NTFS
Computer Name: ZWERG | User Name: Monika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Betrachten mit XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D0FAAA4-DE07-4FBE-A15F-D4409C9D81B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16F87BA7-08D2-49FF-99C0-C655183BE77B}" = lport=137 | protocol=17 | dir=in | app=system |
"{20014FFF-A01A-41FB-93D4-E3A29DE85B43}" = rport=138 | protocol=17 | dir=out | app=system |
"{380401BA-D498-4A52-AFA7-497B88AD2BFB}" = lport=138 | protocol=17 | dir=in | app=system |
"{41FD4256-BFB6-4979-AA5C-A8C04F6E2110}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45060E4F-C2B6-4BC5-B826-123091C41183}" = rport=137 | protocol=17 | dir=out | app=system |
"{7743E5AD-487E-4A39-A2C8-C433D5B99FCC}" = rport=139 | protocol=6 | dir=out | app=system |
"{8E8575B7-E771-4D6F-B9E3-D5885A7F5859}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9EB8DABF-D565-428E-BDF0-347B126D7408}" = lport=445 | protocol=6 | dir=in | app=system |
"{BFA174B9-5BC7-49E4-AD87-50F6176C1A8F}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2002633-857C-47B0-B1E1-ABB82F09D6AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4FC0B15-9FBE-4EE1-9A3D-3D5A59A5F956}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F55697D4-03AF-4904-BFD0-5799D22BBF52}" = rport=445 | protocol=6 | dir=out | app=system |
"{FFB9B829-8346-4C49-8FCC-266079919F0C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031A1D15-70FF-4032-95EF-7B509E065855}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F4BCF19-067D-49DE-9A6F-BC986CD81D80}" = protocol=17 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{29F77F33-A4DB-4DE2-8120-1767475D90DB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2C669514-9911-4F33-AF4F-31A4598C26AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B435C33-F6D4-46C2-AEA6-EEDD299CDFC3}" = protocol=17 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{3E60AD38-1FE9-48E7-9CBD-36B0667262D8}" = protocol=6 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{5CC0883A-F7A9-412E-8DAA-9F47381C45B2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{947FAFDE-F786-435B-A8E0-0D2563054A73}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AD097F05-1BE5-43A8-8E68-5301776B43E8}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{BAA37ECA-31BE-412F-8FE1-E3CDEBC788F9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BE5478BE-EA54-4A5C-9026-9143A90CAEEE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{C0D12CC2-8E76-4B61-B9BD-D7642641BDB4}" = protocol=17 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{CBAF28F6-C17C-4F91-A66D-F7C4DF3DAB91}" = protocol=6 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{CF2F71B1-478F-4A85-86C5-136FA5FCAF1A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E53DD15F-8C5A-4C06-B27D-5277AE757B81}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EAABF408-73AE-4DFE-8B3F-16AA2EBACC48}" = protocol=6 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"{EC998D22-EA93-4212-BF5F-45E7C31C4D7C}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe version cue cs2\bin\versioncuecs2.exe |
"{EF9E804B-81E9-475C-B637-D0301F1654DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{F8DD966D-52B1-40B3-ABF3-72B46F0D6346}C:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
"UDP Query User{0CA31FF7-EE0E-4180-BB14-20D9C548462F}C:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\monika\appdata\local\apps\2.0\ztl9g8l2.r0x\b3cyc0ay.kaz\frit..tion_8488884cfbcefd60_0002.0001_383382c5c60b72bd\fritzbox-usb-fernanschluss.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F93853-D9D3-4795-A89E-84CCBA0205C9}" = Microsoft IntelliPoint 8.0
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{12C00299-B8B4-40D3-9663-66ABEA3198AB}" = Sophos Client Firewall
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{15F4085A-BC98-4590-AFFD-03BBBE49524E}" = Garmin Communicator Plugin
"{1873789F-59D5-4002-8A2F-60A827B78F98}_is1" = GmapTool 0.4.8
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{328019A7-0012-401D-96A2-4CDDD02675A8}" = Garmin POI Loader
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{368FCA18-C510-4F87-B60E-192B9BDBAE3D}" = CorelDRAW Graphics Suite X5
"{38697498-F4AA-4A8A-81F6-C09446AD020D}" = Print Server Utilities
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46548E80-0407-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{47D50190-9DAD-4FFE-9EFA-6D278B2C4810}" = MapSource Product Install
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5009EF05-59FF-465C-906C-5843C96D04CD}" = Agatha Christie - Und dann gabs keines mehr
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5DC8D05F-2FEA-4D8B-B300-A8F2F758C53F}" = ArcGIS Desktop
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{67F04A32-38FA-4F77-AEDA-1EBA551605EC}" = ArcSoft TotalMedia Theatre 3
"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" = CorelDRAW Graphics Suite X5 - ES
"{69ACFA8D-5D36-4CD8-BFDB-5034C6C0B94F}" = IDL 8.1
"{6AC7F416-78D5-4D98-B104-F8A39B2CF3A7}" = ArcGIS Tutorial Data
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E9CAA3-B336-439D-85FB-7C7B2ACA1A16}" = Digital Zoom Control
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E3FE83B-1A29-406C-80B3-E74CFB5CB1D2}" = capella reader 6.0
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{818D064D-7F72-4A2B-A565-E8472E85F553}" = WASY WGEO 3.0a
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F18CFF8-8259-4148-AD00-2EE572754E92}" = CorelDRAW Graphics Suite X5 - FR
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{946135EF-3A4C-494F-AE05-1312913DF880}" = Dr.Eee
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9111573-EF12-4D80-A5B9-55F620D5BCA1}" = PL-2303 USB-to-Serial
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-100000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AD6E0AE0-DADF-480E-82AE-4CDA6035D341}" = Evoluent Mouse Manager
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" = CorelDRAW Graphics Suite X5 - NL
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DB2DA644-E019-49FE-9E0B-90DD2AEC8367}" = Z-Icon Tool
"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" = CorelDRAW Graphics Suite X5 - IT
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}" = ebi.BookReader3J
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{FAD8718D-950E-468D-BDE2-17D4D6F1EA6A}" = FontResizer
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Allway Sync_is1" = Allway Sync version 10.3.25
"ATnotes_is1" = ATnotes Version 9.5
"AudibleDownloadManager" = Audible Download Manager
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"cGPSmapper Free_is1" = cGPSmapper Free 0100
"ColorVisionStartup" = ColorVisionStartup
"Cool Record Edit Pro" = Cool Record Edit Pro
"Defraggler" = Defraggler
"dm-Fotowelt" = dm-Fotowelt
"ElsterFormular" = ElsterFormular
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ExpressRip" = Express Rip Uninstall
"Free Convert to DIVX AVI WMV MP4 MPEG Converter_is1" = Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
"Free Sound Recorder" = Free Sound Recorder
"GCstar" = GCstar 1.6.1
"GNU Solfege_is1" = GNU Solfege 3.20.3
"GPG4Win" = Gpg4win (2.1.0)
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"GRASS GIS 6.4.3RC3" = GRASS 6.4
"GSAK_is1" = GSAK 7.7.4.36 (Final)
"ImgBurn" = ImgBurn
"InfraRecorder" = InfraRecorder
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{69ACFA8D-5D36-4CD8-BFDB-5034C6C0B94F}" = IDL 8.1
"InstallShield_{946135EF-3A4C-494F-AE05-1312913DF880}" = Dr.Eee
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"IrfanView" = IrfanView (remove only)
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"Mozilla Thunderbird 17.0.7 (x86 de)" = Mozilla Thunderbird 17.0.7 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.47b
"MuseScore" = MuseScore 1.3
"NVIDIA Drivers" = NVIDIA Drivers
"OOBERegBackup_is1" = OOBERegBackup
"OSM generic routable" = OSM generic routable
"PDFtoMusic Pro" = PDFtoMusic Pro
"phase-6" = phase-6 2.3.3
"Quantum GIS Lisboa" = Quantum GIS Lisboa 1.8.0 Lisboa
"RealPlayer 15.0" = RealPlayer
"Riven 1.0GE" = Riven
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"Spesoft Audio Converter_is1" = Spesoft Audio Converter 2.20
"Spoiler Sync_is1" = Spoiler Sync
"Spyder2express" = Spyder2express
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.6
"VTBuilder_is1" = VTBuilder 1.5 (2013.02.12)
"WinGDB3" = WinGDB3 3.55.1
"WinHex" = WinHex
"XnView_is1" = XnView 1.99.5
"XSManager" = XSManager
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ArcView GIS 3.2a" = ArcView GIS 3.2a
"f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss
"FileZilla Client" = FileZilla Client 3.7.1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/21/2012 10:31:17 AM | Computer Name = Zwerg | Source = Application Error | ID = 1000
Error - 7/1/2012 1:14:10 PM | Computer Name = Zwerg | Source = Application Hang
| ID = 1002
Description = Programm mscore.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 145c
Startzeit: 01cd57830d9e39d0
Endzeit: 101
Anwendungspfad: C:\Program Files\MuseScore\bin\mscore.exe
Berichts-ID: e9f68081-c39f-11e1-abd0-e0cb4e65b84e
Error - 7/6/2012 11:24:05 AM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe, Version: 11.3.300.262, Zeitstempel: 0x4fe20fae
Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll, Version: 11.3.300.262, Zeitstempel: 0x4fe21212
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000ea84c
ID des fehlerhaften Prozesses: 0x116c
Startzeit der fehlerhaften Anwendung: 0x01cd5b89a02c7640
Pfad der fehlerhaften Anwendung: C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad des fehlerhaften Moduls: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung: 9f2413f0-c77e-11e1-b3a2-e0cb4e65b84e
Error - 7/8/2012 3:55:10 PM | Computer Name = Zwerg | Source = Application Hang
| ID = 1002
Description = Programm CorelDRW.exe, Version 15.2.0.686 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: adc
Startzeit: 01cd5d407dd3e7f0
Endzeit: 103
Anwendungspfad: C:\Program Files\CorelDRAW Graphics Suite X5\Programs\CorelDRW.exe
Berichts-ID: c44dcea1-c936-11e1-af2f-e0cb4e65b84e
Error - 7/20/2012 3:24:33 AM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: CorelDRW.exe, Version: 15.2.0.686, Zeitstempel: 0x4d9be3e1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000c380b
ID des fehlerhaften Prozesses: 0x1784
Startzeit der fehlerhaften Anwendung: 0x01cd6644419167b0
Pfad der fehlerhaften Anwendung: C:\Program Files\CorelDRAW Graphics Suite X5\Programs\CorelDRW.exe
Pfad des fehlerhaften Moduls: C:\windows\SYSTEM32\ntdll.dll
Berichtskennung: f3211300-d23b-11e1-a4b1-e0cb4e65b84e
Error - 8/26/2012 6:36:29 PM | Computer Name = Zwerg | Source = SideBySide | ID
= 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 8/26/2012 6:46:30 PM | Computer Name = Zwerg | Source = SideBySide | ID
= 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" in Zeile 2.
Ungültige XML-Syntax.
Error - 9/3/2012 4:20:11 PM | Computer Name = Zwerg | Source = MsiInstaller | ID
= 11719
Description =
Error - 9/10/2012 11:15:32 AM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000303a2
ID des fehlerhaften Prozesses: 0xad0
Startzeit der fehlerhaften Anwendung: 0x01cd8f66e9b5f280
Pfad der fehlerhaften Anwendung: C:\windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\windows\SYSTEM32\ntdll.dll
Berichtskennung: 5c8424d0-fb5a-11e1-b3e9-e0cb4e65b84e
Error - 9/10/2012 11:42:34 AM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: capella800.exe, Version: 3.0.0.4, Zeitstempel: 0x3809e4d3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024d50
ID des fehlerhaften Prozesses: 0x1418
Startzeit der fehlerhaften Anwendung: 0x01cd8f6aa7e3add0
Pfad der fehlerhaften Anwendung: D:\Audio\capella800\capella800.exe
Pfad des fehlerhaften Moduls: C:\windows\SYSTEM32\ntdll.dll
Berichtskennung: 237df360-fb5e-11e1-b3e9-e0cb4e65b84e
Error - 9/21/2012 12:31:32 PM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: GoLive.exe, Version: 8.0.1.0, Zeitstempel: 0x4371c083
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0x01cd9812493a30a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe GoLive CS2\GoLive.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: cd23abe0-0409-11e2-94ca-e0cb4e65b84e
Error - 9/21/2012 12:32:29 PM | Computer Name = Zwerg | Source = Application Error
| ID = 1000
Description = Name der fehlerhaften Anwendung: GoLive.exe, Version: 8.0.1.0, Zeitstempel: 0x4371c083
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0x01cd9812493a30a0
Pfad der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe GoLive CS2\GoLive.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: eeefb5c0-0409-11e2-94ca-e0cb4e65b84e
Error encountered while reading event logs.
< End of report >
Derzeit habe ich das betroffene System unangetastet gelassen, ich schreibe von einem anderen Gerät...
Mit ratlosen Grüßen
Monika |
FRST 32-Bit | FRST 64-Bit