Thanks a lot, Caroline, for that quick and precise answer. It seems that the scans didn't find anything. Here are the requested blogs:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.orgDatenbank Version: 6367
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
15.04.2011 15:47:01
mbam-log-2011-04-15 (15-47-01).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Durchsuchte Objekte: 359576
Laufzeit: 1 Stunde(n), 51 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
========================================================
OTL logfile created on: 15.04.2011 15:51:32 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Philipp\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 52,70 Gb Free Space | 23,64% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,34 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 1020,00 Mb Total Space | 995,37 Mb Free Space | 97,59% Space Free | Partition Type: FAT32
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - File not found --
PRC - [2011.04.15 15:50:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
PRC - [2011.03.28 08:43:37 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2011.03.17 22:30:03 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.12.18 08:28:35 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.12.08 21:17:46 | 001,226,608 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.10 02:54:18 | 004,240,760 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.11.10 01:13:30 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Contacts\wlcomm.exe
PRC - [2010.11.04 07:59:43 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.04 07:59:43 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.09.13 15:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2010.08.27 01:34:22 | 000,107,008 | ---- | M] () -- C:\Programme\VideoLAN\VLC\vlc.exe
PRC - [2010.08.17 18:09:16 | 003,605,504 | ---- | M] () -- C:\Programme\capella-software\capella 7\capella.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 04:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.06.21 01:37:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.06.21 01:37:24 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.06.10 20:21:16 | 000,238,896 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008.06.10 20:13:58 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.06.06 02:07:52 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.06.03 04:38:36 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Programme\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008.06.03 04:38:34 | 000,367,128 | ---- | M] (Intel Corporation) -- C:\Programme\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
PRC - [2008.06.03 04:38:30 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\AMT\LMS.exe
PRC - [2008.06.02 22:11:34 | 000,065,808 | ---- | M] (Bioscrypt Inc.) -- c:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.05.16 00:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) -- c:\Programme\Fingerprint Sensor\AtService.exe
PRC - [2008.03.31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008.01.21 04:25:56 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:56 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.12.11 22:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.10.19 17:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.05.16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.05.16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accrdsub.exe
========== Modules (SafeList) ========== MOD - [2011.04.15 15:50:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008.03.25 22:17:04 | 000,076,048 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll
========== Win32 Services (SafeList) ========== SRV - [2011.03.17 22:30:03 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.04 07:59:43 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008.06.21 01:37:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.06.10 20:13:58 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.06.06 02:07:52 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.06.03 04:38:36 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2008.06.03 04:38:30 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2008.06.02 22:06:56 | 000,112,400 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.06.02 22:06:50 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.16 00:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- c:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.01.21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 22:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 17:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
========== Driver Services (SafeList) ========== DRV - [2011.03.17 22:30:03 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.23 11:05:16 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.06.06 02:08:44 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.06.06 02:08:42 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.06.06 02:08:40 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.06.06 02:08:38 | 000,109,184 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.15 22:29:32 | 000,475,520 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008.05.08 09:32:14 | 000,046,080 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.04.28 16:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.04.08 04:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.08 04:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.27 21:39:58 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.03.27 00:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2008.03.01 02:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 04:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007.06.19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.12.20 11:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rismc32.sys -- (rismc32)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnbIE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://idlmail08.lotus.uzh.ch/mail/pka ... enDatabaseIE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.1.1
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-CH\local\search.html ()
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C}
https://idlmail08.lotus.uzh.ch/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6165e06c-4186-11e0-84bd-0026555798f6}\Shell - "" = AutoRun
O33 - MountPoints2\{6165e06c-4186-11e0-84bd-0026555798f6}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011.04.15 15:50:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2011.04.15 13:58:12 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Noch bist du da
[2011.04.15 13:54:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes
[2011.04.15 13:54:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011.04.15 13:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.15 13:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.15 13:54:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011.04.15 13:54:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.15 13:51:46 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Philipp\Desktop\mbam-setup-1.50.1.1100.exe
[2011.04.15 13:48:34 | 000,000,000 | ---D | C] -- C:\windows\System32\appmgmt
[2011.04.15 07:29:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{C5893BC2-97B8-4E37-A257-5CC5AA8C6723}
[2011.04.14 18:50:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{50E88A48-374B-470D-894D-0F62C17008CD}
[2011.04.13 09:21:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{FC5B780D-B553-4A6F-B29B-3D5F0A3419DA}
[2011.04.12 20:06:08 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{913323F5-165E-411E-8AA9-9FB9B8D2FBFB}
[2011.04.12 08:05:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{D7F9417C-DB89-4A50-8454-7F71880A6DB2}
[2011.04.11 20:04:29 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{C22DED24-3565-43A4-9C5D-17E75C806F28}
[2011.04.11 08:03:43 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{A2E89A8F-DBC2-4C4E-B4FD-2064100E6D45}
[2011.04.10 12:20:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{F3DDA1BA-7E6B-4F56-8F1B-CEDB24588BE0}
[2011.04.10 00:19:58 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{6A8D8B09-F78B-4272-8991-169AFACA7893}
[2011.04.09 06:37:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{51EAA2C8-38C0-48AC-AFD6-2F43C199C229}
[2011.04.08 06:36:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{07A081DC-E858-4F55-86F1-FD805D490715}
[2011.04.07 18:30:28 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{874ABAE4-5AD9-42A3-ACC2-941E182E4870}
[2011.04.07 15:55:35 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Aufnahmen Zusammenhang
[2011.04.07 10:12:09 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\dvdcss
[2011.04.07 06:29:47 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{E2245E91-D8CE-4171-9A80-4B807F9FDEFB}
[2011.04.06 11:29:15 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{B8DC3EF3-6BB7-477C-A635-A54D3DBCFB53}
[2011.04.05 22:32:15 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{5DDE32D8-8DD5-46FA-B40E-5A8D611D6F96}
[2011.04.05 07:22:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{65ECE1B1-A893-4A6C-890E-C0B45D3E889D}
[2011.04.04 21:10:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
[2011.04.04 21:10:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2011.04.04 21:10:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2011.04.04 21:10:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2011.04.04 21:10:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\lib
[2011.04.04 19:21:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{3742F599-3C32-422B-AB67-5C845D83FD08}
[2011.04.04 07:20:53 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{2D8E595E-CC96-464A-AEE0-1276DE0A05B9}
[2011.04.02 07:39:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{2865A9F7-FE6B-493A-ACCE-ABC40E462CAC}
[2011.04.01 07:37:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{F054DC07-4D48-486E-BE94-B8514C25DD43}
[2011.03.31 06:30:20 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{E87F3BC7-AAD2-4547-A093-FEC7C8C96715}
[2011.03.24 02:24:29 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2011.03.24 02:24:28 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2010.10.11 23:48:07 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2010.10.11 23:48:06 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[118 C:\Users\Philipp\Desktop\*.tmp files -> C:\Users\Philipp\Desktop\*.tmp -> ]
[1 C:\Users\Philipp\Documents\*.tmp files -> C:\Users\Philipp\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011.04.15 15:50:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2011.04.15 14:32:26 | 000,003,344 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 14:32:26 | 000,003,344 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 13:54:26 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.15 13:51:59 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Philipp\Desktop\mbam-setup-1.50.1.1100.exe
[2011.04.15 09:31:11 | 000,674,582 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011.04.15 09:31:11 | 000,634,400 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011.04.15 09:31:11 | 000,146,234 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011.04.15 09:31:11 | 000,119,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011.04.15 08:50:36 | 000,000,426 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{CB254BC6-AF58-410C-B621-B7AA08168421}.job
[2011.04.15 08:32:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.04.15 08:31:59 | 3116,646,400 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.15 08:30:55 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2011.04.15 08:30:24 | 000,000,466 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011.04.07 10:26:36 | 000,052,506 | ---- | M] () -- C:\Users\Philipp\Desktop\STE-000.mp3
[2011.04.07 10:14:12 | 038,639,246 | ---- | M] () -- C:\Users\Philipp\Desktop\STE-002.wav
[2011.04.06 12:16:56 | 000,000,553 | ---- | M] () -- C:\windows\capella.INI
[2011.04.05 15:20:44 | 000,000,876 | ---- | M] () -- C:\windows\$_hpcst$.hpc
[2011.04.04 21:10:19 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2011.04.04 21:10:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2011.04.04 21:10:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2011.04.04 21:10:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deployJava1.dll
[2011.04.04 21:10:16 | 000,003,409 | ---- | M] () -- C:\Users\Philipp\COPYRIGHT
[2011.04.04 21:10:16 | 000,000,943 | ---- | M] () -- C:\Users\Philipp\Welcome.html
[2011.04.04 16:53:08 | 000,011,776 | ---- | M] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.17 22:30:03 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[118 C:\Users\Philipp\Desktop\*.tmp files -> C:\Users\Philipp\Desktop\*.tmp -> ]
[1 C:\Users\Philipp\Documents\*.tmp files -> C:\Users\Philipp\Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2011.04.15 13:54:26 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.07 10:25:34 | 000,052,506 | ---- | C] () -- C:\Users\Philipp\Desktop\STE-000.mp3
[2011.04.07 10:13:36 | 038,639,246 | ---- | C] () -- C:\Users\Philipp\Desktop\STE-002.wav
[2011.04.06 12:16:55 | 000,000,553 | ---- | C] () -- C:\windows\capella.INI
[2011.04.06 12:16:03 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.04.05 15:20:44 | 000,000,876 | ---- | C] () -- C:\windows\$_hpcst$.hpc
[2011.04.04 21:10:16 | 000,003,409 | ---- | C] () -- C:\Users\Philipp\COPYRIGHT
[2011.04.04 21:10:16 | 000,000,943 | ---- | C] () -- C:\Users\Philipp\Welcome.html
[2010.11.09 19:51:21 | 000,000,286 | ---- | C] () -- C:\windows\reimage.ini
[2010.11.05 01:06:54 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2010.10.14 08:45:26 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2010.10.13 12:00:31 | 000,011,776 | ---- | C] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.13 10:39:36 | 000,062,976 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2010.10.13 10:39:28 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2010.10.13 10:39:01 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2010.10.12 22:36:26 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2010.10.12 06:58:28 | 000,022,720 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2010.10.11 23:48:06 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2010.10.11 23:48:06 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2010.10.11 23:48:06 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009.08.21 21:05:50 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat
[2008.06.13 04:59:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1502.dll
[2008.06.13 04:41:20 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008.06.13 04:41:18 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008.06.13 04:41:18 | 000,147,172 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008.06.06 02:08:38 | 000,109,184 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.04.15 22:22:46 | 000,290,748 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2008.04.15 22:22:45 | 000,674,582 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2008.04.15 22:22:45 | 000,146,234 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2008.04.15 22:22:45 | 000,036,916 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2006.11.02 14:56:48 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 14:47:43 | 000,382,720 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 12:33:01 | 000,634,400 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,119,964 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\windows\System32\hpotscl1.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 19:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 08:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[1998.05.07 13:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
< End of report >
=============================================
OTL Extras logfile created on: 15.04.2011 15:51:32 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Philipp\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 28,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 52,70 Gb Free Space | 23,64% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,34 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 1020,00 Mb Total Space | 995,37 Mb Free Space | 97,59% Space Free | Partition Type: FAT32
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{29E0E762-275A-4EF3-8F3B-023723A49EB0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C739C380-F78A-4EF9-99A3-DCDA5612D092}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D85DB66E-3AE4-4DC1-BC6B-0C75B529BCCA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05283FDD-4DA1-46CC-9992-4CC12E6923A7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0B1A3730-577B-4351-B926-EA2A0DAF4143}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1A802570-57E2-4E1C-8E65-6BD14AD1841D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{249785C2-AA29-48C9-96B8-806A55434CA6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{309B32B8-0395-47F0-9371-E2972C17CA65}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{34AC7414-01C7-4E40-B8A8-BEB635E0A403}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3DFCEE33-CEE5-4500-A43F-66CF0B81B7C2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{529E6635-E55C-4213-8414-2427F17179FF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{757D0FD0-61E9-461D-A396-C43010E85D71}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8383F0CB-DEBB-4818-9A66-A9A0FCA8A13D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{86AE5B07-56F5-4C3D-819B-FA2E2A6049F0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{9855DDF9-4C41-4130-A0B2-6C743C105695}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{A74A0521-F018-4291-BDA0-213E146C2D85}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{AA7CE3EB-722C-496D-9BA3-50F6C3A217DF}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{B18B32E1-EF13-40DE-9198-495D73CAD725}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{BF8C04C5-0577-4438-9C46-BE21016D52EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{C0D33533-7786-45B0-B8AA-8AE86FC42052}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C78418C0-E46E-4589-AAA0-09AEF378D17A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{D13917C2-111C-4388-A4B8-CEC17BC81DBC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{E3C93E91-0CEC-42DB-9674-6E8555A125D2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{E49762BF-1C78-45F1-B709-BDF17F7C779B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{A4049135-AB04-4847-9A7B-76242CDBED8E}C:\users\philipp\appdata\local\temp\usmt\migwiz.exe" = protocol=6 | dir=in | app=c:\users\philipp\appdata\local\temp\usmt\migwiz.exe |
"TCP Query User{D4E8E0F3-F0FA-4940-823A-C73760E58531}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{DE77423E-6DC2-49CC-9FC4-9804CEF5C6D3}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{5C5E9FD2-D005-4DC7-8174-22C89CC048C3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{600EE1D9-77F7-4475-AD7B-549C3DAFF749}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{8A36BC46-7914-4453-960C-70DEFB61E313}C:\users\philipp\appdata\local\temp\usmt\migwiz.exe" = protocol=17 | dir=in | app=c:\users\philipp\appdata\local\temp\usmt\migwiz.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01F81577-D786-49D7-BAAF-B8A8B44CE251}" = ESU for Microsoft Vista SP1
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FCA0973-24C0-48EA-8CF6-71B53C135C09}" = Microsoft Office Communicator 2007
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{207A8D54-51C9-48B6-80E6-CBA5403B3ED4}" = Vista Default Settings
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{272253C3-D9DD-4C0C-A586-7E7ABC7E9AA2}" = Presto! BizCard 5
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{420BBA1D-B275-4891-838C-EA88FE87A632}" = HP Customer Experience Enhancements
"{48DC0314-8310-4D35-B52D-878B5255F26A}" = HP JavaCard for HP ProtectTools
"{4C203E35-B5C7-4E35-9834-619668C0FFEE}" = HP 3D DriveGuard
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{583C712B-884A-424A-9DAC-F169C73FB275}" = Credential Manager for HP ProtectTools
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BABB0C8-90D8-4622-A073-18C710458031}" = capella 7
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = HP Software Setup 5.00.A.7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}" = HP ProtectTools Security Manager Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A1F9988-F56D-4D70-B759-3189B56EB1B2}" = HP User Guides 0098
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BB128BE-2670-485D-A221-B00715BCEBCF}" = HP Easy Setup - Frontend
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC194855-F7AC-4D04-B4C9-07BA46FCB697}" = ActivClient 6.1 x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43F0316-CAA1-45C3-AAA7-B2E52D7AE8CA}" = HP ProtectTools Security Manager
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}" = HP Help and Support
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F42A52C4-FCDE-4D9D-9FD4-D004B4E5F08D}" = Presto! BizCard 5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB05CD66-D5EC-4B2A-8C6C-D434133323F4}" = Drive Encryption for HP ProtectTools
"{FECEF9D2-9D3D-449B-9EA4-CFA775C99461}" = AuthenTec Fingerprint System
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AOL Toolbar" = AOL Toolbar 5.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Canon iP4800 series Benutzerregistrierung" = Canon iP4800 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DivX Setup.divx.com" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HECI" = Intel(R) Management Engine Interface
"HP QuickLook 2_is1" = HP QuickLook 2
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite" = Windows Live Essentials
"Works2003Setup" = Microsoft Works 2003-Setup-Start
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 14.04.2011 07:45:34 | Computer Name = Philipp-PC | Source = SignInAssistant | ID = 0
Description =
Error - 14.04.2011 07:49:11 | Computer Name = Philipp-PC | Source = Windows Search Service | ID = 3100
Description =
Error - 14.04.2011 07:53:12 | Computer Name = Philipp-PC | Source = Windows Search Service | ID = 3100
Description =
Error - 14.04.2011 07:57:12 | Computer Name = Philipp-PC | Source = Windows Search Service | ID = 3100
Description =
Error - 14.04.2011 08:01:31 | Computer Name = Philipp-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.04.2011 08:07:15 | Computer Name = Philipp-PC | Source = Windows Search Service | ID = 3079
Description =
Error - 14.04.2011 16:24:00 | Computer Name = Philipp-PC | Source = Application Hang | ID = 1002
Description = Programm capella.exe, Version 7.0.2.6 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 1648 Anfangszeit: 01cbfaa53c75d5a5 Zeitpunkt der Beendigung:
31
Error - 14.04.2011 16:24:03 | Computer Name = Philipp-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung AsGHost.exe, Version 3.0.0.64, Zeitstempel 0x48443907,
fehlerhaftes Modul ItSSO.dll, Version 3.0.0.464, Zeitstempel 0x484439b8, Ausnahmecode
0xc0000005, Fehleroffset 0x0001683f, Prozess-ID 0xec0, Anwendungsstartzeit 01cbfa9b98f79ca5.
Error - 15.04.2011 01:27:42 | Computer Name = Philipp-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.04.2011 02:33:31 | Computer Name = Philipp-PC | Source = WinMgmt | ID = 10
Description =
[ Credential Manager Events ]
Error - 15.02.2011 18:24:20 | Computer Name = Philipp-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Philipp@Philipp-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 15.02.2011 18:24:20 | Computer Name = Philipp-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Philipp@Philipp-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 27.02.2011 18:19:05 | Computer Name = Philipp-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Philipp@Philipp-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 27.02.2011 18:19:05 | Computer Name = Philipp-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Philipp@Philipp-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 28.02.2011 03:29:06 | Computer Name = Philipp-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Philipp@Philipp-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 28.02.2011 03:29:06 | Computer Name = Philipp-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Philipp@Philipp-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 03.03.2011 03:27:13 | Computer Name = Philipp-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Philipp@Philipp-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 03.03.2011 03:27:13 | Computer Name = Philipp-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Philipp@Philipp-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 04.03.2011 15:38:42 | Computer Name = Philipp-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Philipp@Philipp-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 04.03.2011 15:38:42 | Computer Name = Philipp-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Philipp@Philipp-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
[ System Events ]
Error - 14.04.2011 07:44:06 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.04.2011 07:45:34 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 14.04.2011 07:45:34 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.04.2011 08:02:04 | Computer Name = Philipp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 14.04.2011 08:07:36 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 15.04.2011 01:28:37 | Computer Name = Philipp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 15.04.2011 02:33:19 | Computer Name = Philipp-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 15.04.2011 07:48:10 | Computer Name = Philipp-PC | Source = DCOM | ID = 10005
Description =
Error - 15.04.2011 07:48:10 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 15.04.2011 07:48:10 | Computer Name = Philipp-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >