Log analysis and evaluation: Caught a "virus" or similar, left mouse click no longer works (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.09.2011, 20:15 | #1 |
Caught a "virus" or similar, left mouse click no longer works

Hello virus experts, after my system had been "clean" for a few weeks, I have caught something again ... I am just trying to get mb started without a mouse ... here are the 2 logs from OTL, that worked without a mouse.... (with the BANDIT in it, I suspect)

OTL Logfile:
Code:
OTL logfile created on: 16.09.2011 20:53:18 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 79,29% Memory free
6,34 Gb Paging File | 5,80 Gb Available in Paging File | 91,49% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 54,99 Gb Total Space | 4,03 Gb Free Space | 7,33% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 8,35 Gb Free Space | 42,77% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 1,85 Gb Free Space | 99,05% Space Free | Partition Type: FAT
Drive I: | 930,39 Gb Total Space | 804,21 Gb Free Space | 86,44% Space Free | Partition Type: NTFS
Drive Q: | 5496,93 Gb Total Space | 970,30 Gb Free Space | 17,65% Space Free | Partition Type: NTFS
Drive R: | 458,10 Gb Total Space | 53,26 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive S: | 458,10 Gb Total Space | 53,26 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive U: | 232,83 Gb Total Space | 134,05 Gb Free Space | 57,57% Space Free | Partition Type: NTFS

Computer Name: MCS-FRANK | User Name: frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.09.16 19:58:44 | 002,322,184 | ---- | M] (ESET) -- F:\esetsmartinstaller_enu.exe PRC - [2011.09.16 19:57:50 | 000,581,632 | ---- | M] (OldTimer Tools) -- F:\OTL.exe PRC - [2011.08.26 09:28:22 | 000,398,184 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe PRC - [2011.08.26 09:28:08 | 000,369,344 | ---- | M] (BitDefender) -- C:\Programme\BitDefender\BitDefender 2008\bdagent.exe PRC - [2011.08.26 09:28:06 | 001,790,744 | ---- | M] (BitDefender) -- C:\Programme\BitDefender\BitDefender 2008\vsserv.exe PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.05.18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) -- C:\Programme\UltraVNC\winvnc.exe PRC - [2011.04.08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.03.17 18:37:17 | 004,942,336 | ---- | M] (FNet Co., Ltd.) -- C:\Programme\XFastUsb\XFastUsb.exe PRC - [2011.02.18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.05.31 23:19:44 | 000,573,440 | ---- | M] (BitDefender) -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Management Agent\bdemagent.exe PRC - [2010.03.23 14:15:21 | 000,722,280 | ---- | M] (DisplayLink Corp.) 
-- C:\Programme\DisplayLink Core Software\DisplayLinkUI.exe PRC - [2010.03.23 14:15:19 | 000,808,296 | ---- | M] (DisplayLink Corp.) -- C:\Programme\DisplayLink Core Software\DisplayLinkUserAgent.exe PRC - [2010.03.23 14:15:18 | 004,752,744 | ---- | M] (DisplayLink Corp.) -- C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe PRC - [2009.12.23 18:17:38 | 000,071,168 | ---- | M] () -- C:\WINDOWS\system32\LxrJD31s.exe PRC - [2009.02.09 15:46:12 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\U2VSvr.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.02.29 13:59:20 | 000,245,760 | R--- | M] (BUFFALO INC.) -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe PRC - [2007.11.27 18:46:32 | 000,086,016 | ---- | M] (BitDefender) -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Communicator\xcommsvr.exe PRC - [2007.11.14 22:46:00 | 000,131,072 | ---- | M] (Brio) -- C:\Programme\FolderSize\FolderSizeSvc.exe PRC - [2006.09.22 01:41:30 | 001,949,912 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2006.09.22 01:35:14 | 000,082,832 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe PRC - [2006.09.22 01:35:08 | 000,226,192 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe PRC - [2006.09.22 01:33:02 | 001,176,768 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2005.05.31 22:31:08 | 000,483,328 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis2a.exe PRC - [2005.05.31 22:23:24 | 000,483,328 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe PRC - [2004.08.05 20:28:42 | 000,090,112 | ---- | M] (ICSI Technology Ltd.) 
-- C:\WINDOWS\Dit.exe PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE ========== Modules (No Company Name) ========== MOD - [2011.08.27 20:50:05 | 000,056,224 | ---- | M] () -- \\?\C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Threat Scanner\av32bit_ent_21517\avxdisk.dll MOD - [2011.08.26 09:28:22 | 000,398,184 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe MOD - [2011.08.26 09:28:13 | 000,240,640 | ---- | M] () -- C:\Programme\BitDefender\BitDefender 2008\bdfltlib.dll MOD - [2011.08.26 09:27:16 | 000,212,480 | ---- | M] () -- c:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Threat Scanner\smartscn.dll MOD - [2011.08.26 09:27:15 | 000,345,600 | ---- | M] () -- \\?\C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Threat Scanner\trufos.dll MOD - [2009.12.23 18:17:38 | 000,071,168 | ---- | M] () -- C:\WINDOWS\system32\LxrJD31s.exe MOD - [2009.02.09 15:46:12 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\U2VSvr.exe MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2007.04.18 18:11:26 | 000,196,608 | ---- | M] () -- C:\Programme\BitDefender\BitDefender 2008\libexpatw.dll MOD - [2006.09.22 00:38:24 | 000,045,968 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Acronis\Common\gc.dll MOD - [2003.05.15 03:15:50 | 000,753,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 6.0\Distillr\AdistRes.DEU ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (TeamViewer) SRV - File not found [On_Demand | Stopped] -- -- (gusvc) SRV - [2011.08.26 09:28:22 | 000,398,184 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV) SRV - [2011.08.26 09:28:06 | 001,790,744 | ---- | M] (BitDefender) [Auto | Running] -- C:\Programme\BitDefender\BitDefender 
2008\vsserv.exe -- (VSSERV) SRV - [2011.08.26 09:27:15 | 000,336,384 | ---- | M] (BitDefender) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan) SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.05.18 22:40:06 | 002,016,504 | ---- | M] (UltraVNC) [Auto | Running] -- C:\Programme\UltraVNC\WinVNC.exe -- (uvnc_service) SRV - [2011.02.18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.05.31 23:19:44 | 000,573,440 | ---- | M] (BitDefender) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Management Agent\bdemagent.exe -- (BitDefender Management Agent) SRV - [2010.03.23 14:15:18 | 004,752,744 | ---- | M] (DisplayLink Corp.) 
[Auto | Running] -- C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService) SRV - [2009.12.23 18:17:38 | 000,071,168 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\LxrJD31s.exe -- (LxrJD31s) SRV - [2009.05.17 22:04:00 | 000,098,488 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe -- (SandraAgentSrv) SRV - [2009.04.11 14:16:58 | 000,361,728 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2009.02.09 15:46:12 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\U2VSvr.exe -- (U2VSvr) SRV - [2008.07.18 15:05:40 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2008.02.29 13:59:20 | 000,245,760 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService) SRV - [2007.11.27 18:46:32 | 000,086,016 | ---- | M] (BitDefender) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Communicator\xcommsvr.exe -- (XCOMM) SRV - [2007.11.14 22:46:00 | 000,131,072 | ---- | M] (Brio) [Auto | Running] -- C:\Programme\FolderSize\FolderSizeSvc.exe -- (FolderSize) SRV - [2006.09.22 01:35:08 | 000,226,192 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004.08.11 00:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\Programme\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC) SRV - [2004.08.10 21:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Connect\mswmcls.exe 
-- (WmcCdsLs) SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - [2011.09.16 20:51:44 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBCRFT.SYS -- (CardReaderFilter) DRV - [2011.08.26 09:28:17 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfm.sys -- (bdfm) DRV - [2011.08.26 09:28:14 | 000,327,368 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr) DRV - [2011.08.26 09:28:11 | 000,098,768 | ---- | M] (BitDefender SRL) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bdfndisf.sys -- (Bdfndisf) DRV - [2011.08.26 09:28:03 | 000,117,896 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Programme\BitDefender\BitDefender 2008\bdselfpr.sys -- (BDSelfPr) DRV - [2011.08.26 09:27:55 | 000,141,904 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Firewall\bdftdif.sys -- (bdftdif) DRV - [2011.08.26 09:27:15 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
[File_System | System | Running] -- C:\WINDOWS\system32\drivers\trufos.sys -- (trufos) DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.06.20 14:41:47 | 000,011,496 | ---- | M] (UVNC BVBA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mv2.sys -- (mv2) DRV - [2011.03.22 11:32:27 | 000,029,248 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305) DRV - [2011.03.17 18:37:17 | 000,014,656 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FNETURPX.SYS -- (FNETURPX) DRV - [2010.06.11 15:37:04 | 000,013,832 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsrAppCharger.sys -- (AsrAppCharger) DRV - [2010.03.23 14:15:48 | 000,027,776 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkGAport.sys -- (DisplayLinkGA) DRV - [2010.03.23 14:15:48 | 000,024,320 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkmirrorport.sys -- (DisplayLinkmirror) DRV - [2010.03.23 14:15:48 | 000,007,040 | ---- | M] (DisplayLink Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkFilter.sys -- (DisplayLinkFilter) DRV - [2010.03.23 13:15:12 | 000,021,888 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DisplayLinkUsbPort_5.2.24075.0.sys -- (DisplayLinkUsbPort) DRV - [2009.12.23 18:17:38 | 000,069,824 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LxrJD31d.sys -- (LxrJD31d) DRV - [2009.11.25 14:57:28 | 001,617,408 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009.06.26 09:29:34 | 001,656,960 | R--- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (AMBFilt) DRV - [2009.05.25 17:01:44 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD) DRV - [2009.05.12 18:40:36 | 000,019,456 | ---- | M] (Magic Control Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\T1PMrGrp.sys -- (T1PMrGrp) DRV - [2009.05.12 18:40:18 | 000,018,560 | ---- | M] (Magic Control Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\T1PExGrp.sys -- (T1PExGrp) DRV - [2009.05.12 18:38:26 | 000,086,784 | ---- | M] (Magic Control Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\t1pusb.sys -- (t1pusb) DRV - [2009.05.11 11:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.05.05 23:37:52 | 000,026,216 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\sandra.sys -- (SANDRA) DRV - [2008.12.02 08:56:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (MonFilt) DRV - [2008.08.18 19:54:24 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts) DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008.03.25 12:48:08 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008.03.25 12:48:06 | 000,054,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2007.08.18 00:00:00 | 000,004,818 | ---- | M] (www.winchiphead.com) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UFBFilte.sys -- (UFBFilte) DRV - [2006.12.27 20:47:18 | 000,397,296 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2006.12.27 20:47:18 | 000,033,488 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2006.12.27 20:47:12 | 000,107,056 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2005.07.25 16:13:00 | 000,014,464 | ---- | M] (YAMAHA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ymidusb.sys -- (YMIDUSB) DRV - [2005.06.03 20:36:16 | 000,065,794 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rdwm1009.sys -- (RDID1009) DRV - [2005.03.21 20:29:40 | 000,035,712 | ---- | M] (Line 6) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L6SM.sys -- (L6SeaMonkDev) DRV - [2004.05.17 22:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2003.10.29 21:36:36 | 000,011,264 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp) DRV - [2003.10.29 20:54:58 | 000,427,776 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315) DRV - [2003.07.18 03:58:20 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP) DRV - [2002.07.10 17:39:34 | 000,032,256 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2001.08.27 10:09:14 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt681x.sys -- (GT681x) DRV - [2001.08.17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://10.0.10.109/cgi-bin/enter.cgi IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - 
prefs.js..extensions.enabledItems: netviewero2o@netviewero2o:1.0 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: adonis.cuhk@gmail.com:1.7 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2 FF - prefs.js..extensions.enabledItems: coralietab@mozdev.org:2.04.20110724 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {D46E8522-6E86-44b1-A622-58C0668AD78E}:3.6.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@palmsource.com/installer,version=1.0: C:\PROGRA~1\palmOne\PACKAG~1\NPInstal.dll () FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netviewero2o@netviewero2o: C:\Programme\Netviewer\one2one\Plugin\FF plugin\ffone2one [2008.01.29 13:23:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.09.08 09:15:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.08 09:15:20 | 000,000,000 | ---D | M] [2010.11.22 19:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions [2011.09.14 09:14:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions [2011.01.28 18:26:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.02.23 14:25:35 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2011.03.16 12:39:12 | 000,000,000 | ---D | M] (Classic Compact) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E} [2011.08.20 15:37:47 | 000,000,000 | ---D | M] (Google Docs Viewer) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\adonis.cuhk@gmail.com [2011.08.20 15:37:51 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\coralietab@mozdev.org [2011.02.18 17:52:13 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und 
Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\ietab@ip.cn [2011.03.16 12:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Firefox\Profiles\y7z9vvyh.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}\chrome\mozapps\extensions [2011.09.14 09:14:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.06.04 08:38:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.06.21 18:11:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010.11.26 13:30:24 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAMME\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION [2009.01.15 19:47:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2008.01.29 13:23:47 | 000,000,000 | ---D | M] (Netviewer one2one) -- C:\PROGRAMME\NETVIEWER\ONE2ONE\PLUGIN\FF PLUGIN\FFONE2ONE [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2008.06.21 11:37:07 | 000,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Programme\mozilla firefox\plugins\npmusicn.dll [2009.04.29 14:13:48 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) 
-- C:\Programme\mozilla firefox\plugins\PDFNetC.dll [2009.08.09 01:30:36 | 000,107,760 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\ScorchPDFWrapper.dll [2011.05.02 14:33:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2008.04.07 13:30:00 | 000,000,917 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\conduit.xml [2011.05.02 14:33:03 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2011.05.02 14:33:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2011.05.02 14:33:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2011.05.02 14:33:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.08.30 15:57:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll () O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2008\ietoolbar.dll (BitDefender) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: 
[AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [BDAgent] C:\Programme\BitDefender\BitDefender 2008\bdagent.exe (BitDefender) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Programme\BitDefender\BitDefender 2008\IEShow.exe (BitDefender) O4 - HKLM..\Run: [Cmaudio] C:\WINDOWS\CMICNFG.CPL (C-Media Corporation) O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe (ICSI Technology Ltd.) O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe (FinePrint Software, LLC) O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [XFastUsb] C:\Programme\XFastUsb\XFastUsb.exe (FNet Co., Ltd.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisablePersonalDirChange = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) 
O15 - HKLM\..Trusted Domains: hp.com ([]http in Trusted sites) O15 - HKLM\..Trusted Domains: hp.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: midifiles.de ([remote] HTTPS in Lokales Intranet) O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab (Reg Error: Key error.) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc2.cab (Office Update Installation Engine) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232184983201 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1314978076284 (MUWebControl Class) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (GMNRev Class) O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} hxxp://10.0.0.30/activex/AMC.cab (AxisMediaControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://10.0.0.32/activex/AxisCamControl.cab (CamImage Class) O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} 
hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.10.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = m-city.local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CEF42BD-6369-4C6C-8189-0676CD17DC30}: DhcpNameServer = 10.0.10.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C32898C0-BD7E-4574-8C64-85DBD7AFADD4}: NameServer = 10.0.10.2,10.0.10.1,10.0.0.2 O18 - Protocol\Handler\HPDCS {ba135f49-a12c-4e26-a2c4-6ea945999072} - C:\Programme\Gemeinsame Dateien\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppfile {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppsam {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppzip {C4E2084B-ED27-4893-A43D-488CA3F370E2} - C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL 
(Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.09.07 00:33:48 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011.08.31 14:15:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\SUPERAntiSpyware.com [2011.08.31 14:14:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com [2011.08.31 14:14:56 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2011.08.31 09:05:08 | 000,000,000 | ---D | C] -- C:\osam [2011.08.31 09:03:14 | 001,916,416 | ---- | C] (AVAST Software) -- 
\\MCS-SRV\RedirectedFolders\frank\Desktop\aswMBR.exe [2011.08.31 09:01:53 | 000,000,000 | ---D | C] -- \\MCS-SRV\RedirectedFolders\frank\Desktop\osam [2011.08.30 16:33:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011.08.30 15:05:36 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011.08.30 14:50:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011.08.30 14:47:29 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Verwaltung [2011.08.27 14:12:20 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2011.08.27 11:16:03 | 000,000,000 | ---D | C] -- C:\Palm OS Desktop [2011.08.26 10:43:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes [2011.08.26 10:43:33 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.08.26 10:43:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.08.26 10:43:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.08.26 10:43:26 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.08.26 10:43:26 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.08.26 09:29:13 | 000,309,320 | ---- | C] (BitDefender S.R.L.) -- C:\WINDOWS\System32\drivers\trufos.sys [2011.08.26 09:29:13 | 000,152,528 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys [2011.08.26 09:29:13 | 000,105,808 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys [2011.08.19 14:58:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\BrowserPlus [2011.08.19 14:57:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Yahoo! 
[2006.07.25 16:10:13 | 000,018,120 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\gt681x.sys ========== Files - Modified Within 30 Days ========== [2011.09.16 21:00:00 | 000,000,496 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job [2011.09.16 20:51:44 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\System32\drivers\USBCRFT.SYS [2011.09.16 20:30:16 | 000,212,641 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2011.09.16 20:29:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.09.16 20:28:51 | 000,000,188 | ---- | M] () -- C:\WINDOWS\478905b7-cf84-42d3-b378-7896691e777c.xml [2011.09.16 20:28:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.09.16 20:28:04 | 000,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.09.16 19:21:26 | 000,000,121 | ---- | M] () -- C:\WINDOWS\bdagent.INI [2011.09.14 19:41:00 | 000,000,194 | ---- | M] () -- C:\WINDOWS\tasks\sicher.job [2011.09.14 19:07:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.09.14 09:17:27 | 000,462,788 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.09.14 09:17:27 | 000,444,494 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.09.14 09:17:27 | 000,072,370 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.09.14 09:17:26 | 000,085,810 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.09.14 03:03:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.09.10 13:52:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2011.09.10 12:32:54 | 052,498,432 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\mailings2011.mdb [2011.09.09 11:11:59 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll [2011.09.08 15:30:17 | 053,318,259 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\renereiling.psd [2011.09.02 11:15:52 | 001,253,321 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My 
Documents\Ferien-Musik-1Spalte45x91mm-DRUCK.psd [2011.08.31 18:00:54 | 000,305,706 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\Ferien-Musik-1Spalte45x91mm-DRUCK.pdf [2011.08.31 14:15:11 | 000,001,683 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.31 09:03:02 | 001,916,416 | ---- | M] (AVAST Software) -- \\MCS-SRV\RedirectedFolders\frank\Desktop\aswMBR.exe [2011.08.30 19:15:31 | 000,302,592 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\Desktop\wr28zk46.exe [2011.08.30 15:57:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011.08.30 15:05:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2011.08.26 10:43:34 | 000,000,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.26 09:30:38 | 000,000,052 | ---- | M] () -- C:\WINDOWS\System32\ashttpstats.csv [2011.08.26 09:28:22 | 000,105,808 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdhv.sys [2011.08.26 09:28:17 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\WINDOWS\System32\drivers\bdfm.sys [2011.08.26 09:28:14 | 000,327,368 | ---- | M] (BitDefender) -- C:\WINDOWS\System32\drivers\bdfsfltr.sys [2011.08.26 09:28:11 | 000,098,768 | ---- | M] (BitDefender SRL) -- C:\WINDOWS\System32\drivers\bdfndisf.sys [2011.08.26 09:27:15 | 000,309,320 | ---- | M] (BitDefender S.R.L.) 
-- C:\WINDOWS\System32\drivers\trufos.sys [2011.08.25 18:56:27 | 000,040,460 | ---- | M] () -- C:\Foto 5.JPG [2011.08.25 18:56:27 | 000,036,484 | ---- | M] () -- C:\Foto 1.JPG [2011.08.25 18:56:27 | 000,035,125 | ---- | M] () -- C:\Foto 2.JPG [2011.08.25 18:56:27 | 000,033,346 | ---- | M] () -- C:\Foto 4.JPG [2011.08.25 18:56:27 | 000,032,764 | ---- | M] () -- C:\Foto 3.JPG [2011.08.23 16:39:42 | 000,031,737 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\quintusqmtFoto.JPG [2011.08.23 16:39:42 | 000,031,737 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\qmt01Foto.JPG [2011.08.20 15:30:58 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011.08.18 18:20:26 | 000,045,031 | ---- | M] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\annikaundtom.jpg ========== Files Created - No Company Name ========== [2011.09.01 09:25:25 | 001,253,321 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\Ferien-Musik-1Spalte45x91mm-DRUCK.psd [2011.08.31 18:00:54 | 000,305,706 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\Ferien-Musik-1Spalte45x91mm-DRUCK.pdf [2011.08.31 14:15:11 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk [2011.08.30 19:16:43 | 000,302,592 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\Desktop\wr28zk46.exe [2011.08.30 15:05:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2011.08.30 15:05:42 | 000,262,448 | RHS- | C] () -- C:\cmldr [2011.08.26 10:43:34 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.08.25 18:56:27 | 000,040,460 | ---- | C] () -- C:\Foto 5.JPG [2011.08.25 18:56:27 | 000,036,484 | ---- | C] () -- C:\Foto 1.JPG [2011.08.25 18:56:27 | 000,035,125 | ---- | C] () -- C:\Foto 2.JPG [2011.08.25 18:56:27 | 000,033,346 | ---- | C] () -- C:\Foto 4.JPG [2011.08.25 18:56:27 | 000,032,764 | ---- | C] () 
-- C:\Foto 3.JPG [2011.08.23 16:39:42 | 000,031,737 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\quintusqmtFoto.JPG [2011.08.23 16:39:42 | 000,031,737 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\qmt01Foto.JPG [2011.08.18 18:20:26 | 000,045,031 | ---- | C] () -- \\MCS-SRV\RedirectedFolders\frank\My Documents\annikaundtom.jpg [2011.04.14 11:55:25 | 000,023,590 | ---- | C] () -- C:\WINDOWS\RenewUSB.dat [2011.02.23 18:19:22 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2011.02.23 18:19:20 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2011.02.23 18:19:20 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2011.02.23 18:19:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2011.02.23 18:19:15 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2011.02.23 18:19:15 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2011.02.23 18:19:11 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2011.02.23 18:19:03 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2011.02.23 18:12:55 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011.02.23 18:04:14 | 000,006,221 | ---- | C] () -- C:\WINDOWS\System32\antispam.ini [2011.01.28 15:38:08 | 000,884,544 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.01.27 22:01:34 | 000,000,484 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc [2011.01.19 16:34:51 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2010.12.15 04:16:07 | 000,000,121 | ---- | C] () -- C:\WINDOWS\bdagent.INI [2010.11.22 17:08:59 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 
[2009.12.23 18:17:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI [2009.12.23 18:17:38 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31.dll [2009.12.23 18:17:38 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31c.exe [2009.12.23 18:17:38 | 000,071,168 | ---- | C] () -- C:\WINDOWS\System32\LxrJD31s.exe [2009.12.23 18:17:38 | 000,069,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LxrJD31d.sys [2009.12.23 18:17:38 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\LxrJD20Sat.dll [2009.12.04 16:56:27 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009.11.25 18:50:29 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\UDLL.dll [2009.11.25 18:50:29 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\t1psvr.dll [2009.11.25 18:50:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\U2VSvr.exe [2009.11.25 18:50:29 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\U2VDisp.exe [2009.11.25 18:50:29 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\Util.exe [2009.11.25 18:50:29 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\t1psvr.exe [2009.11.25 18:50:29 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\T1PDisp.exe [2009.11.25 18:50:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mctudll.dll [2009.11.25 18:50:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\T1PSvrUtil.exe [2009.11.25 18:50:29 | 000,001,588 | ---- | C] () -- C:\WINDOWS\System32\MTri1+.ini [2009.10.06 19:32:02 | 000,000,056 | ---- | C] () -- C:\WINDOWS\hpdj130.ini [2009.07.02 17:39:27 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.ldb [2009.07.02 17:35:32 | 010,440,704 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda [2009.01.16 19:44:28 | 000,009,799 | ---- | C] () -- C:\WINDOWS\System32\RdCi1009.dll [2009.01.16 19:44:28 | 000,004,088 | ---- | C] () -- C:\WINDOWS\System32\Rd3t1009.DAT [2008.10.09 17:31:54 | 000,192,512 | ---- | C] () -- 
C:\WINDOWS\System32\txmlutil.dll [2008.10.08 18:49:04 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe [2008.10.08 18:49:04 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe [2008.10.08 18:49:04 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2008.10.08 18:49:03 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe [2008.10.08 18:49:03 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe [2008.07.16 11:29:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ui.INI [2008.06.20 00:00:56 | 000,181,248 | ---- | C] () -- C:\WINDOWS\System32\HPEPCEnm.dll [2008.04.17 11:33:50 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll [2008.04.05 09:38:16 | 000,000,342 | ---- | C] () -- C:\WINDOWS\HPWTRMRK.INI [2008.04.05 09:38:15 | 000,003,461 | ---- | C] () -- C:\WINDOWS\HP_CLJ85.INI [2008.03.12 05:50:02 | 000,013,308 | ---- | C] () -- C:\WINDOWS\UN060501.INI [2008.03.10 22:23:58 | 000,004,697 | ---- | C] () -- C:\WINDOWS\UN080307.INI [2008.02.04 19:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2008.01.28 21:03:27 | 000,002,249 | ---- | C] () -- C:\WINDOWS\FONTSMRT.INI [2008.01.28 21:01:33 | 000,001,055 | ---- | C] () -- C:\WINDOWS\PRNTNAME.INI [2007.11.06 17:54:53 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2007.06.05 19:01:03 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll [2007.04.14 14:37:38 | 000,001,668 | ---- | C] () -- C:\WINDOWS\mozver.dat [2007.04.13 17:29:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007.04.11 18:32:41 | 000,001,743 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache [2007.01.31 15:50:32 | 000,913,408 | ---- | C] () -- C:\WINDOWS\System32\xreglib.dll [2006.07.31 19:31:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI [2006.07.25 16:14:04 | 000,000,492 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI [2006.07.25 16:10:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\Gtwatch.exe [2006.06.23 14:38:16 
| 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\SOFFICK2.dll [2006.06.23 14:37:50 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\TAL12832.DLL [2006.06.23 14:37:50 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\TALDM32A.dll [2006.06.23 14:37:50 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\TALDM32.DLL [2006.06.23 14:37:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN3.DLL [2006.06.08 18:14:26 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\FTD2XXUN.ini [2006.04.12 18:28:40 | 000,000,117 | ---- | C] () -- C:\WINDOWS\ConverterCore.INI [2006.02.08 10:21:14 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html [2006.01.28 18:16:25 | 000,001,865 | ---- | C] () -- C:\WINDOWS\GNMIDI.INI [2005.12.10 11:42:10 | 000,000,269 | R--- | C] () -- C:\WINDOWS\Dit.INI [2005.12.10 11:39:10 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll [2005.10.10 10:29:25 | 000,000,055 | ---- | C] () -- C:\WINDOWS\SQ.INI [2005.09.05 19:11:24 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2005.07.25 18:10:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2005.07.18 19:02:22 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3i.DLL [2005.07.07 13:01:48 | 000,001,027 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005.07.07 13:01:47 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini [2005.07.07 13:01:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI [2005.04.20 11:12:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005.04.20 11:01:33 | 000,004,335 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005.04.20 11:00:45 | 000,362,528 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005.04.20 10:20:15 | 000,127,681 | R--- | C] () -- C:\WINDOWS\VGAsetup.ini [2005.04.20 10:20:11 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis660.bin [2005.04.20 10:19:37 | 000,102,386 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2005.04.20 10:18:41 | 000,233,472 | ---- 
| C] () -- C:\WINDOWS\CMIRMDRV.EXE [2005.04.20 10:18:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRMDRV.DLL [2005.04.20 10:18:41 | 000,003,424 | ---- | C] () -- C:\WINDOWS\cmiainfo.sys [2005.04.20 10:18:41 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI [2005.04.20 10:18:41 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI [2005.04.20 10:18:39 | 000,000,103 | ---- | C] () -- C:\WINDOWS\Wininit.ini [2005.04.20 10:18:38 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe [2005.04.20 10:18:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2005.04.20 10:18:33 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe [2005.04.20 10:18:33 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe [2005.04.20 10:18:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll [2005.04.20 10:16:55 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2005.04.20 10:14:46 | 000,002,562 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2005.04.20 10:14:43 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2005.04.20 10:12:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2005.04.20 10:06:23 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2005.04.20 09:54:29 | 000,000,614 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005.04.20 09:54:19 | 000,462,788 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2005.04.20 09:54:19 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2005.04.20 09:54:19 | 000,085,810 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2005.04.20 09:54:19 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2005.04.20 09:54:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2005.04.20 09:54:06 | 000,444,494 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2005.04.20 09:54:06 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2005.04.20 09:54:06 | 000,072,370 | ---- | C] () -- 
C:\WINDOWS\System32\perfc009.dat [2005.04.20 09:54:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2005.04.20 09:54:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2005.04.20 09:54:05 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2005.04.20 09:54:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2005.04.20 09:54:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2005.04.20 09:54:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2005.04.20 09:53:54 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2005.04.20 09:53:50 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.11.24 15:25:12 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\OrdMen.dll [2004.02.11 16:10:40 | 000,070,144 | ---- | C] () -- C:\WINDOWS\System32\ENCODE32.DLL [2004.02.11 16:10:24 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SBSPAINT.DLL [2003.09.22 13:19:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN2.DLL [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2003.02.20 10:59:52 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\TidyATL.dll [2002.05.17 16:11:21 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\vttdrve.dll [1999.12.15 19:16:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\Lpng.dll [1999.01.26 23:00:00 | 000,114,816 | ---- | C] () -- C:\WINDOWS\System32\MSMT4232.DLL [1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL < End of report > OTL Logfile: Code:
OTL Extras logfile created on: 16.09.2011 20:53:18 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = F:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 79,29% Memory free
6,34 Gb Paging File | 5,80 Gb Available in Paging File | 91,49% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 54,99 Gb Total Space | 4,03 Gb Free Space | 7,33% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 8,35 Gb Free Space | 42,77% Space Free | Partition Type: NTFS
Drive F: | 1,86 Gb Total Space | 1,85 Gb Free Space | 99,05% Space Free | Partition Type: FAT
Drive I: | 930,39 Gb Total Space | 804,21 Gb Free Space | 86,44% Space Free | Partition Type: NTFS
Drive Q: | 5496,93 Gb Total Space | 970,30 Gb Free Space | 17,65% Space Free | Partition Type: NTFS
Drive R: | 458,10 Gb Total Space | 53,26 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive S: | 458,10 Gb Total Space | 53,26 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive U: | 232,83 Gb Total Space | 134,05 Gb Free Space | 57,57% Space Free | Partition Type: NTFS

Computer Name: MCS-FRANK | User Name: frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications] "Enabled" = 1 "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts] "Enabled" = 1 "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List] "135:TCP:*:Enabled:Offer Remote Assistance - Port" = 135:TCP:*:Enabled:Offer Remote Assistance - Port [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings] "Enabled" = 1 "RemoteAddresses" = localsubnet [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint] "Enabled" = 1 "RemoteAddresses" = localsubnet [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop] "Enabled" = 1 "RemoteAddresses" = localsubnet [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts] "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 "5900:TCP" = 5900:TCP:*:Enabled:vnc5900 "5800:TCP" = 5800:TCP:*:Enabled:vnc5800 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" = C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe:*:Enabled:HP Easy Printer Care HPPRun -- (Hewlett-Packard Company) "C:\Programme\Opera\opera.exe" = 
C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Programme\QNAP\Finder\Finder.exe" = C:\Programme\QNAP\Finder\Finder.exe:*:Enabled:Finder -- () "\\mcs-srv\mcs\installs\netviewer\Netviewer_Support.exe" = \\mcs-srv\mcs\installs\netviewer\Netviewer_Support.exe:*:Enabled:Netviewer application "C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA) "C:\Programme\UltraVNC\winvnc.exe" = C:\Programme\UltraVNC\winvnc.exe:*:Enabled:winvnc.exe -- (UltraVNC) "C:\Programme\UltraVNC\vncviewer.exe" = C:\Programme\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\WS_FTP\WS_FTP95.exe" = C:\Program Files\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA) "C:\Programme\SmartStore\SmartStore.biz 5\SMBiz5.exe" = C:\Programme\SmartStore\SmartStore.biz 5\SMBiz5.exe:*:Enabled:SMBiz5 -- (SmartStore AG) "C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe" = C:\Programme\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe:*:Enabled:HP Easy Printer Care HPPRun -- (Hewlett-Packard Company) "C:\Programme\BUFFALO\NASNAVI\NasNavi.exe" = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2 -- () "C:\Dokumente und Einstellungen\Verkauf\Desktop\Netviewer Service\NV_Support_Berater_DE.exe" = C:\Dokumente und Einstellungen\Verkauf\Desktop\Netviewer Service\NV_Support_Berater_DE.exe:*:Enabled:Netviewer application -- (Netviewer AG) "C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent 
Service -- (SiSoftware) "C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware) "C:\Programme\Hewlett-Packard\HP Designjet System Maintenance\hp_dj_sme.exe" = C:\Programme\Hewlett-Packard\HP Designjet System Maintenance\hp_dj_sme.exe:*:Enabled:hp designjet system maintenance engine -- (Hewlett Packard) "C:\Programme\QNAP\Finder\Finder.exe" = C:\Programme\QNAP\Finder\Finder.exe:*:Enabled:Finder -- () "C:\Programme\Spamihilator\spamihilator.exe" = C:\Programme\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator -- (Michel Krämer) "C:\Programme\Spamihilator\cdcc.exe" = C:\Programme\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration -- () "C:\Programme\Spamihilator\dccproc.exe" = C:\Programme\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter -- () "\\Mcs01\mcs_alt\installs\netviewer\NV_Support_Berater_DE.exe" = \\Mcs01\mcs_alt\installs\netviewer\NV_Support_Berater_DE.exe:*:Enabled:NV_Support_Berater_DE.exe ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{020CF65F-700F-4E55-AFB7-97024584A2B3}" = Komponenten der Ereigniskommunikation "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{0C567C3E-AD5A-4045-97C8-3CF640F10011}" = Netviewer one2one "{0CD3CFF0-9A22-4CDA-BF1B-FA73C1D8B95B}" = Palm "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}" = Sibelius Scorch (ActiveX Only) "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer 
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 26 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{31821EFE-1B31-4744-9FB0-208F92BD7168}" = Visual FoxPro ODBC Driver "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3D2975E7-DD28-4145-811A-225140FF87F0}" = Acronis*True*Image*Home "{41915A51-6F92-4F0E-87C4-8178785B96CC}" = HP Printer Settings Tools "{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer "{492F8345-095D-467F-926C-278870D93ECF}" = Windows Small Business Server 2008 ClientAgent "{49782B2F-49AE-423D-85D6-4EE7019CEA13}" = HP Easy Printer Care "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008 "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0 "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7527CD9F-894E-47B3-9AFB-3E680E007051}" = HP Proactive Services "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}" = USB Display Device (Trigger 1+) 9.10.0526.1259 "{838257FC-952A-467B-86BF-21DB6B137A3F}" = Windows Small Business Server 2008 WMI Provider "{83F3EED2-DDE2-4434-8FBE-9D2A1E7C2BC9}" = Multi-Card Reader & Flash Disk "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{894A83F3-19C8-491D-807D-50784DC4EB9F}" = Deutsche Post E-Porto 
"{8A0BD487-D185-4316-92CE-9E415C3AC6DB}" = Sibelius Scorch (Firefox, Opera, Netscape only) "{8E8604C4-2979-4A96-99B3-3CBB7DD8C5FA}" = Printer's Apprentice 8.0 "{8ED5D0B7-A193-413F-815A-530BE36B38F7}" = Spamihilator 0.9.9.53 (32-Bit) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer "{95720E85-F3FB-4F95-9399-7E3E3E26D7AB}" = hp designjet printer software "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BC76CCE-A9EC-4A3A-9B51-D823805E1D1F}" = SolidConverterPDF "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9ED38F62-7A50-4145-8C5D-0FCFFBF10A7B}" = Visual C++ CRT 9.0 "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A1E98303-102A-46FB-A2D0-3838C3F64DF2}" = Komponenten der Kernkommunikation "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A32A6393-37DA-4E44-BB9F-C4F384F89EB9}" = HP Systemwartung für HP designjet 30 130 series "{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT Home "{ABC52CF9-2D43-4278-A152-CB2CD3ED8FE9}" = MIDI-OX "{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update "{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update "{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update "{AC76BA86-0000-7EC8-7489-000000000605}" = Adobe Acrobat and Reader 6.0.5 Update "{AC76BA86-0000-7EC8-7489-000000000606}" = 
Adobe Acrobat and Reader 6.0.6 Update "{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0.1 Professional - English, Français, Deutsch "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch "{AC76BA86-7AD7-2448-0000-800000000003}" = Chinese Traditional Fonts Support For Adobe Reader 8 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B2395631-54D5-481E-B9A8-74B269546F40}" = Visual C++ CRT 8.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BDED922C-5E3A-42A7-B1D2-B21FDD036DB3}" = BitDefender Management Agent "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0A8F64F-36C8-489F-B813-90D60B541D1E}" = Komponenten der Gerätedatenkommunikation "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP3c "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2231F9E-1ECD-439C-8E74-D966C87F717A}" = DisplayLink Core Software "{D5842AC3-59C7-4DDD-BB33-54FE544DB3DA}" = Komponenten der Betriebssystemkommunikation "{D7D4E8A4-A08B-4341-A4FE-9E1980C00D2C}" = BitDefender Business Client "{D91AB4D6-2CA1-4427-91B3-BB31D3C6D4EE}" = SmartStore.biz 5 "{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0 "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EC25B803-4BDB-47F7-B877-FCE7D7966C0F}" = Visual C++ CRT 9.0 SP1 "{ECB904FE-CB4D-40A4-A884-E278410F0CE1}" = HP Printer Usage Report 
"{EEF1D3A1-0ABD-4859-AD93-930773563393}" = PEARL PrintProfi Etiketten "{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect "{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}" = 32 Bit HP CIO Components Installer "{F97272B4-82C4-46B2-BCF1-C4D6E8CAB3E6}" = Avery Wizard 4.0 "{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows "{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ABBYY FineReader 4.0 Sprint" = ABBYY FineReader 4.0 Sprint "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ASRock App Charger_is1" = ASRock App Charger v1.0.4 "AXIS Media Control" = AXIS Media Control "BitDefender Business Client" = BitDefender Business Client "BulkMailer" = BulkMailer 5.4 "C-Media Audio" = C-Media 3D Audio "dots Pilot 2 Version 2.4" = dots Pilot 2 Version 2.4 "eBay SmartSeller" = SmartStore eBay SmartSeller "ESET Online Scanner" = ESET Online Scanner v3 "Finale NotePad 2006" = Finale NotePad 2006 "Finale NotePad 2008" = Finale NotePad 2008 "FinePrint" = FinePrint "FinePrint (5.x)" = FinePrint (5.x) "Format Konverter" = Format Konverter "Free Download Manager_is1" = Free Download Manager 3.0 "FuzzyDupes" = FuzzyDupes 5.7 "getPlus(R)_dll" = getPlus(R)_dll "HP Easy Printer Care" = HP Easy Printer Care "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "InstallShield_{6B10045E-6789-49C4-BFED-52575F5B76BF}" = Avery Zweckform Assistent 2.5 "InstallShield_{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT "IrfanView" = IrfanView (remove only) "JDSecure" = JD Secure 3.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800 "mEye_JIB" = mEye_JIB_2 2.0.0.0 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET 
Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MIDI Revoicer_is1" = MIDI Revoicer 1.14 "Mozilla Firefox (3.6.22)" = Mozilla Firefox (3.6.22) "MultipleIEs_is1" = MultipleIEs "MySpaceIM" = MySpaceIM "NeroMultiInstaller!UninstallKey" = Nero Suite "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Nvu_is1" = Nvu 1.0 "Opera 11.51.1087" = Opera 11.51 "PalmSource Package Installer" = PalmSource Package Installer 1.5 "pdfFactory Pro" = pdfFactory Pro "Player" = QNAP Player "PrintKey2000" = PrintKey2000 "PSRUTI" = PSRUTI (remove only) "QNAP_FINDER" = QNAP Finder "QNAPDecoder" = QNAP Decoder "QNAPVioStorMonitor" = QNAP Web Monitor Component "Samsung CLP-510 Series" = Samsung CLP-510 Series "ScanExpress A3 USB v1.4" = ScanExpress A3 USB v1.4 "ShockwaveFlash" = Macromedia Flash Player 8 "SiS 661FX_760_741_M661FX_M760_M741" = SiS 661FX_760_741_M661FX_M760_M741 "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver "Solero Music Viewer_is1" = Solero Music Viewer 8.0.32.2 "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4 "ST5UNST #1" = Au2Email 3 "ST6UNST #1" = MusicFinderView "SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008) "Ultravnc2_is1" = UltraVnc "UN060501" = BUFFALO NAS Navigator "UN080307" = BUFFALO LinkStation(LS-WTGL/R1) Setup Guide "Universal Document Converter_is1" = Universal Document Converter Server Edition "Windows Media Connect" = Windows Media Connect "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "WinRAR archiver" = WinRAR archiver "WinZip Companion for Outlook" = WinZip Companion for Outlook "XFastUsb" = XFastUsb "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "HPCLJ8500TypicalKey" = Deinst. - HP CLJ 8500-Standardversion "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 29.08.2011 11:38:14 | Computer Name = MCS-FRANK | Source = UserInit | ID = 1000 Description = Folgendes Skript konnte nicht ausgeführt werden: logon.cmd. Das System kann die angegebene Datei nicht finden. Error - 29.08.2011 11:49:48 | Computer Name = MCS-FRANK | Source = Userenv | ID = 1054 Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen. Error - 29.08.2011 11:59:48 | Computer Name = MCS-FRANK | Source = Userenv | ID = 1054 Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen. Error - 29.08.2011 12:12:32 | Computer Name = MCS-FRANK | Source = UserInit | ID = 1000 Description = Folgendes Skript konnte nicht ausgeführt werden: logon.cmd. Das System kann die angegebene Datei nicht finden. Error - 30.08.2011 08:08:13 | Computer Name = MCS-FRANK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OUTLOOK.EXE, Version 11.0.8326.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 01.09.2011 07:08:27 | Computer Name = MCS-FRANK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung OUTLOOK.EXE, Version 11.0.8326.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. 
Error - 07.09.2011 07:11:10 | Computer Name = MCS-FRANK | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Photoshp.exe, Version 6.0.128.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 16.09.2011 13:23:35 | Computer Name = MCS-FRANK | Source = Userenv | ID = 1054 Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen. Error - 16.09.2011 13:52:50 | Computer Name = MCS-FRANK | Source = Userenv | ID = 1054 Description = Der Domänencontrollername für das Computernetzwerk konnte nicht ermittelt werden. (Die angegebene Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. ). Die Verarbeitung der Gruppenrichtlinie wurde abgebrochen. Error - 16.09.2011 13:52:59 | Computer Name = MCS-FRANK | Source = UserInit | ID = 1000 Description = Folgendes Skript konnte nicht ausgeführt werden: logon.cmd. Das System kann die angegebene Datei nicht finden. [ System Events ] Error - 16.09.2011 12:43:03 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerk-DDE-Dienst" ist vom Dienst "Netzwerk-DDE-Serverdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 16.09.2011 12:43:03 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TeamViewer 3" wurde aufgrund folgenden Fehlers nicht gestartet: %%5 Error - 16.09.2011 13:23:35 | Computer Name = MCS-FRANK | Source = NETLOGON | ID = 5719 Description = Es steht kein Domänencontroller für die Domäne M-CITY aus folgendem Grund zur Verfügung: %%1311. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator, wenn das Problem weiterhin besteht. 
Error - 16.09.2011 13:23:57 | Computer Name = MCS-FRANK | Source = Print | ID = 33 Description = Der Warteschlangencontainer wurde nicht gefunden, da der DNS-Domänenname nicht abgefragt werden konnte. Fehler: 54b Error - 16.09.2011 13:23:57 | Computer Name = MCS-FRANK | Source = Print | ID = 33 Description = Der Warteschlangencontainer wurde nicht gefunden, da der DNS-Domänenname nicht abgefragt werden konnte. Fehler: 54b Error - 16.09.2011 13:46:20 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerk-DDE-Dienst" ist vom Dienst "Netzwerk-DDE-Serverdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 16.09.2011 13:46:20 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TeamViewer 3" wurde aufgrund folgenden Fehlers nicht gestartet: %%121 Error - 16.09.2011 14:22:47 | Computer Name = MCS-FRANK | Source = W32Time | ID = 39452701 Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der nächsten 15 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit. Error - 16.09.2011 14:28:58 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Netzwerk-DDE-Dienst" ist vom Dienst "Netzwerk-DDE-Serverdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 16.09.2011 14:28:58 | Computer Name = MCS-FRANK | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TeamViewer 3" wurde aufgrund folgenden Fehlers nicht gestartet: %%5 < End of report >
THANKS for any tips/help so that I can scrape the thing off the disk. Regards, frank |
17.09.2011, 08:45 | #2 |
| Caught a "virus" or something similar, left mouse click no longer works
Sorry .. take it back .. DUMMY mistake .. the MOUSE works via USB .. PS2 or mouse defective.
__________________
Embarrassing, sorry for my mistake. Regards, frank |