|
Plagegeister aller Art und deren Bekämpfung: 50 Euro VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.02.2012, 20:13 | #1 |
| 50 Euro Virus Hallo @Alle die mir Helfen können. Auf meinem Notebook hat sich der 50 Euro Virus eingefangen. nach ein bisschen suchen bei Google habe ich das Trojaner Board gefunden und auch gesehen, dass mehrere Personen dieses Problem hatten. Ich hoffe ihr könnt mir helfen. Otl.exe hab ich auch schon auf dem PC. Danke im Vorraus. |
11.02.2012, 20:18 | #2 |
| 50 Euro Virus OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 11.02.2012 20:05:07 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 90,07% Memory free 4,35 Gb Paging File | 4,26 Gb Available in Paging File | 98,04% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 86,13 Gb Total Space | 33,68 Gb Free Space | 39,10% Space Free | Partition Type: NTFS Drive E: | 7,02 Gb Total Space | 6,78 Gb Free Space | 96,68% Space Free | Partition Type: FAT32 Computer Name: JOACHIM | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.) "C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems) "C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( ) "C:\Programme\Pinnacle\Studio 10\programs\umi.exe" = C:\Programme\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.) "C:\Programme\K!TV\K!TV.exe" = C:\Programme\K!TV\K!TV.exe:*:Enabled:K!TV - Application de TéléVision -- (K!) "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Epson Software\Event Manager\EEventManager.exe" = C:\Programme\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0515803B-5068-4599-8666-963E143C7381}" = HP Smart Card Security for ProtectTools 5.00 D4 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{2298055A-F5E6-4332-9A15-C5D99870E72F}" = HP Embedded Security for ProtectTools "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 30 "{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Device Driver "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F0D3C9E-4FB6-4A14-B0C4-42328F570177}" = Fingerprint Sensor Minimum Install "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 D2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10 "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4C643986-DE3C-4737-8472-CCEC36CCC267}" = Studio Content CD "{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6A012D9C-2E2E-405A-B87C-E909F5297C3F}" = Studio 10 Bonus DVD "{75ECB75A-522C-4312-8DE7-597CDA9D96A3}" = HP Mobile Data Protection System "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 C3 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI "{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch "{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.1 - Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 C3 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom NetXtreme Ethernet Controller "{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}" = HP Credential Manager for ProtectTools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DFEDA4ED-E67D-4E5E-8FDE-C628B4DCA01B}" = ATI Catalyst Control Center "{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B5 "{E7485CE5-C004-44D6-AA3E-7EE4DFE2B70E}" = HP Support Phone Numbers "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F500FE1A-5B52-4851-9813-7541E157ACC4}" = HP User Guides 0020 "{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "3DJongg" = 3DJongg "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Akademie der Magie" = Akademie der Magie "ATI Display Driver" = ATI Display Driver "avast" = avast! Free Antivirus "Cell Mahjongg" = Cell Mahjongg "Click'N Design 3D for AfterBurner(tm) (V5)" = Click'N Design 3D for AfterBurner(tm) (V5) "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "EPSON Scanner" = EPSON Scan "EPSON SX130 Series" = Druckerdeinstallation für EPSON SX130 Series "EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series "FILEminimizer Pictures_is1" = FILEminimizer Pictures "GearDrivers" = GearDrivers "Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6 "Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio "ie8" = Windows Internet Explorer 8 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Jongi Jongo 2" = Jongi Jongo 2 "K!TV" = K!TV "MD Mahjongg" = MD Mahjongg "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de) "PerfV10_V100 Ben.handbuch" = PerfV10_V100 Ben.handbuch "Picasa2" = Picasa 2 "proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0 "QuickTime" = QuickTime "RealPlayer 6.0" = RealPlayer Basic "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Trojan Remover_is1" = Trojan Remover 6.8.2 "VLC media player" = VLC media player 1.0.1 "Windows Media Connect" = Windows Media Connect "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR Archivierer "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "X-OOM Movie Clone 4 GOLD" = X-OOM Movie Clone 4 GOLD deinstallieren ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 17.11.2009 08:29:56 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:29:57 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 15:45:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 16:00:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:23:24 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:58:09 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 13:25:44 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 16.08.2011 16:06:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 10005 Description = Produkt: J2SE Runtime Environment 5.0 Update 6 -- Diese Version von JRE ist bereits installiert. Deinstallieren Sie die Software mithilfe des Installations-/Deinstallations-Hilfsprogramms, bevor Sie sie erneut installieren. Error - 16.08.2011 16:12:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 1013 Description = Produkt: HP Software Update -- Auf Ihrem System wurde eine neuere Version von HP Software Update gefunden. Setup wird beendet. Error - 16.08.2011 16:22:48 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Setup.exe, Version 4.0.2.3, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.09.2011 05:04:33 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 24.09.2011 06:54:36 | Computer Name = JOACHIM | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 06.11.2011 04:24:26 | Computer Name = JOACHIM | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung AcroRd32.exe, Version 8.3.1.289, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x07258180. Error - 26.11.2011 07:52:25 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 7.0.1.4288, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:42 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 9.0.1.4371, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:50 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 07.02.2012 17:13:32 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. [ System Events ] Error - 11.02.2012 14:23:41 | Computer Name = JOACHIM | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error - 11.02.2012 14:28:01 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:36:06 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:59:46 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "IFXSpMgtSrv" mit den Argumenten "-Service" gestartet wurde, um den folgenden Server zu verwenden: {FBCD9C6A-72CB-47BB-99DD-2317551491DE} Error - 11.02.2012 14:59:50 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 11.02.2012 15:00:53 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing" ist vom Dienst "Distributed Transaction Coordinator" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing Triggers" ist vom Dienst "Message Queuing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Aavmker4 Aspi32 aswSnx aswSP aswTdi Fips intelppm PCLEPCI Error - 11.02.2012 15:01:13 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} [ TuneUp Events ] Error - 15.08.2011 17:43:18 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:44:58 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 18:15:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:35 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:39:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = < End of report > |
11.02.2012, 20:54 | #3 |
| 50 Euro Virus Okay und hier nochmal das ganze mit LOP Prüfung und Purity Prüfung und natürlich beide Log Files. Sorry.
__________________OTL.TXTOTL Logfile: Code:
ATTFilter OTL logfile created on: 11.02.2012 20:51:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 86,33% Memory free 4,35 Gb Paging File | 4,15 Gb Available in Paging File | 95,54% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 86,13 Gb Total Space | 33,67 Gb Free Space | 39,10% Space Free | Partition Type: NTFS Drive E: | 7,02 Gb Total Space | 6,78 Gb Free Space | 96,68% Space Free | Partition Type: FAT32 Computer Name: JOACHIM | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.11 20:04:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe PRC - [2012.02.07 20:43:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.06.29 20:06:54 | 000,043,008 | ---- | M] (Cognizance Corporation) -- C:\Programme\HPQ\IAM\Bin\asghost.exe ========== Modules (No Company Name) ========== MOD - [2012.02.07 20:43:55 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.08.21 17:07:27 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2005.10.19 09:17:58 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus(R) SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2006.01.20 11:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004.08.11 01:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\Programme\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC) SRV - [2004.08.10 22:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Connect\mswmcls.exe -- (WmcCdsLs) SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008.05.08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST) DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008.04.13 19:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC) DRV - [2006.09.12 20:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2006.08.21 22:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2006.03.10 17:12:54 | 000,130,048 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) DRV - [2006.03.02 23:45:14 | 001,480,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006.02.15 14:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2006.02.15 14:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006.01.19 14:50:40 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2006.01.10 02:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2006.01.10 02:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2005.12.12 16:00:46 | 001,120,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005.10.26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2005.10.25 19:10:44 | 000,035,488 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive) DRV - [2005.09.20 10:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005.09.19 12:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005.09.19 12:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005.09.19 12:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005.06.10 14:26:00 | 000,035,968 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM) DRV - [2005.06.02 18:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2005.05.31 11:46:26 | 000,087,936 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21) DRV - [2005.02.23 17:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2005.02.14 01:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\K!TV\Plugins\S_Bt8x8\DSDrv4.sys -- (DSDrv4) DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2002.07.17 08:05:10 | 000,016,512 | R--- | M] (Adaptec) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001.08.18 03:35:52 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP - United States | Laptop Computers, Desktops, Printers, Servers and more IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {E78313ED-E64C-451B-9B5F-8A66A8D08A64}:2.5.10.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.02.07 20:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.13 19:31:13 | 000,000,000 | ---D | M] [2008.06.23 19:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions [2011.05.07 20:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions [2010.07.05 10:49:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.25 20:33:49 | 000,000,000 | ---D | M] (FireFox accelerator) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions\{E78313ED-E64C-451B-9B5F-8A66A8D08A64} [2012.02.07 20:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.24 12:46:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012.02.07 20:43:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.01.16 08:14:05 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.16 08:14:05 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.01.16 08:14:05 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.01.16 08:14:05 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.16 08:14:05 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.16 08:14:05 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.08.21 17:12:21 | 000,437,191 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf! O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com - Informationen zum Thema 123topsearch. Diese Website steht zum Verkauf! O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 ?,,?,?,,??,??,?,? O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 15045 more lines... O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (HP Credential Manager for ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\HPQ\IAM\Bin\ItIeAddIN.dll (Infineon Technologies AG) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [CognizanceTS] C:\Programme\HPQ\IAM\Bin\AsTsVcc.dll (Cognizance Corporation) O4 - HKLM..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [emMON] C:\WINDOWS\emMON.exe (eMPIA Technology, Inc.) O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [PTHOSTTR] C:\Programme\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKCU..\Run: [EPSON SX130 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DVD Check.lnk = C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google-Suche - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: &Ins Deutsche übersetzen - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites) O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1313529194562 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7C68F90-524A-47C1-8727-644273B7E030}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG) O20 - Winlogon\Notify\OneCard: DllName - (C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll) - C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll (Cognizance Corporation) O24 - Desktop Components:0 () - O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\HP Cityscape Wide.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\HP Cityscape Wide.bmp O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\geebc.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.10.15 19:13:03 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001.07.27 23:07:00 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004.04.30 15:01:00 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.11 19:59:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012.02.05 11:07:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2012.02.05 11:07:26 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2012.02.05 11:07:26 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2012.01.23 18:52:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ABBYY [2012.01.23 18:52:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ABBYY FineReader 9.0 Sprint [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Programme\ABBYY FineReader 9.0 Sprint [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ABBYY [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ABBYY [2012.01.23 18:50:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL [2012.01.23 18:49:15 | 000,000,000 | ---D | C] -- C:\Program Files [2012.01.23 18:47:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Epson Software [2012.01.23 18:47:06 | 000,000,000 | ---D | C] -- C:\Programme\Epson Software [2012.01.23 18:45:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\EPSON [2012.01.23 18:44:53 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL [2012.01.23 18:44:51 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBHJE.DLL [2012.01.23 18:44:51 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BHJE.DLL [2012.01.23 18:44:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON [2012.01.23 18:44:06 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll [2012.01.23 18:44:06 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.11 19:59:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.02.11 19:59:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.02.07 21:26:05 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.02.05 18:26:01 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.02.05 11:07:08 | 000,477,430 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.02.05 11:07:08 | 000,456,308 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.02.05 11:07:08 | 000,090,438 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.02.05 11:07:08 | 000,076,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.02.05 08:35:29 | 000,159,744 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.23 19:26:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI [2012.01.23 18:50:29 | 000,001,778 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk [2012.01.23 18:49:15 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss [2012.01.23 18:47:57 | 000,001,951 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX130 Series.lnk [2012.01.23 18:44:09 | 000,000,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.23 19:26:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2012.01.23 18:50:29 | 000,001,778 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk [2012.01.23 18:49:10 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss [2012.01.23 18:47:57 | 000,001,951 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX130 Series.lnk [2012.01.23 18:44:09 | 000,000,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk [2011.08.16 21:21:01 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2011.08.16 21:21:01 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2011.08.16 21:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2011.08.16 21:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2011.08.16 21:21:01 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2011.08.16 21:21:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2011.08.15 23:12:13 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2011.08.15 23:12:13 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2011.08.15 23:12:13 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2011.08.15 23:12:13 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2011.05.15 10:05:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\1z8sp5gnu44c.ini [2011.04.18 19:33:17 | 000,017,882 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\h707e7w682fxdum2y4bemy60uw646u53k5 [2011.04.18 19:33:17 | 000,017,882 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\h707e7w682fxdum2y4bemy60uw646u53k5 [2009.06.03 19:08:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\rasqervy.dll [2009.06.03 19:08:31 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sdfinacs.dll [2009.06.03 19:08:22 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sdfixwcs.dll [2008.06.23 18:42:00 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe [2008.06.23 18:42:00 | 000,002,555 | ---- | C] () -- C:\WINDOWS\unins000.dat [2008.06.17 20:02:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008.04.11 20:56:48 | 000,070,876 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2008.03.17 17:56:55 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\amjsnehh.ini [2008.03.04 19:39:44 | 000,162,729 | -HS- | C] () -- C:\WINDOWS\System32\cbeeg.ini [2008.01.19 19:55:14 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007.03.27 17:10:41 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll [2007.02.11 12:09:44 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2007.02.11 11:02:25 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2007.02.11 11:02:25 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2007.02.11 11:02:25 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2007.02.11 11:02:25 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2007.02.11 11:02:25 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2007.02.11 11:02:25 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2007.02.11 11:02:25 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2007.02.11 11:02:25 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2007.02.11 11:02:25 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2007.02.11 11:02:25 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2007.02.11 11:02:25 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2007.02.11 11:02:25 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2007.02.11 11:02:25 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2007.02.11 11:02:25 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2007.02.11 11:02:25 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2007.02.11 11:02:25 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2007.02.11 11:02:25 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2007.02.11 11:02:25 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2007.02.11 11:02:25 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007.02.11 11:01:55 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw66.bin [2007.02.11 11:01:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE V10V100V350EFGD.ini [2007.01.25 20:58:37 | 000,159,744 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.01.14 19:33:36 | 000,000,093 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007.01.08 17:25:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\msvcvm20.dll [2007.01.08 17:22:13 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2007.01.08 17:22:10 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2006.12.05 18:39:27 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\std201mt.dll [2006.12.05 18:39:21 | 000,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006.10.24 14:01:36 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\BVid20.dll [2006.10.15 20:06:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini [2006.10.15 19:21:25 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL [2006.10.15 19:13:03 | 000,001,194 | ---- | C] () -- C:\WINDOWS\VFO.INI [2006.10.15 19:13:02 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll [2006.10.15 19:13:02 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll [2006.10.15 19:13:02 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll [2006.10.15 19:13:02 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll [2006.10.15 19:13:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll [2006.10.11 16:49:33 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.10.11 15:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006.10.11 15:24:51 | 000,002,904 | ---- | C] () -- C:\WINDOWS\mozver.dat [2006.06.12 20:22:06 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe [2006.05.24 23:47:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2006.04.19 01:04:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2006.04.04 07:21:00 | 000,030,064 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006.04.04 07:06:23 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.02.15 15:04:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2006.02.09 12:00:28 | 000,124,347 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2005.12.01 20:11:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004.12.20 17:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll [2004.08.07 07:08:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2004.08.07 07:08:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2004.08.07 07:04:28 | 000,477,430 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.07 07:04:28 | 000,456,308 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.07 07:04:28 | 000,090,438 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.07 07:04:28 | 000,076,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.07 07:02:10 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004.08.07 06:57:28 | 000,339,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2004.08.07 06:52:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004.08.07 06:49:42 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2004.08.04 09:07:00 | 000,037,446 | ---- | C] () -- C:\WINDOWS\System32\ss3dfo.bin [2004.08.04 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.08.04 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.08.04 09:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004.08.04 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.08.04 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.08.04 09:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004.08.04 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.08.04 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.08.04 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004.06.01 10:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL [2004.03.11 00:26:10 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe [2004.01.13 19:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.05.28 09:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002.05.28 09:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1998.05.07 03:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll ========== LOP Check ========== [2010.07.24 15:32:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adnepo [2008.01.05 20:48:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dokumente und Einstellungen [2010.07.26 16:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Elizno [2012.01.23 18:55:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\EPSON [2008.01.20 19:00:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\festplattencleaner [2010.12.23 17:19:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FILEminimizerPictures [2006.12.05 18:35:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Infineon [2006.10.15 18:54:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InterTrust [2010.07.22 15:27:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lesa [2009.01.19 16:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Magic Academy [2010.07.12 08:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Purui [2008.01.05 20:48:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\report [2006.10.11 22:54:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SampleView [2011.08.15 23:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Simply Super Software [2008.04.11 21:44:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\StarOffice8 [2009.04.01 16:33:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software [2010.08.14 18:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2007.04.04 16:53:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.01.23 18:45:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON [2006.12.05 18:35:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Infineon [2006.10.15 19:58:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle [2006.10.15 19:10:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle Studio [2011.08.15 23:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software [2007.03.12 19:21:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc [2011.08.21 17:10:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2009.04.01 16:32:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.01.23 18:50:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL [2009.04.01 16:32:31 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357} ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 @Alternate Data Stream - 102 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9 < End of report > und Extras.txtOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.02.2012 20:51:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 86,33% Memory free 4,35 Gb Paging File | 4,15 Gb Available in Paging File | 95,54% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 86,13 Gb Total Space | 33,67 Gb Free Space | 39,10% Space Free | Partition Type: NTFS Drive E: | 7,02 Gb Total Space | 6,78 Gb Free Space | 96,68% Space Free | Partition Type: FAT32 Computer Name: JOACHIM | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.) "C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems) "C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( ) "C:\Programme\Pinnacle\Studio 10\programs\umi.exe" = C:\Programme\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.) "C:\Programme\K!TV\K!TV.exe" = C:\Programme\K!TV\K!TV.exe:*:Enabled:K!TV - Application de TéléVision -- (K!) "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Epson Software\Event Manager\EEventManager.exe" = C:\Programme\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0515803B-5068-4599-8666-963E143C7381}" = HP Smart Card Security for ProtectTools 5.00 D4 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{2298055A-F5E6-4332-9A15-C5D99870E72F}" = HP Embedded Security for ProtectTools "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 30 "{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Device Driver "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F0D3C9E-4FB6-4A14-B0C4-42328F570177}" = Fingerprint Sensor Minimum Install "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 D2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10 "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4C643986-DE3C-4737-8472-CCEC36CCC267}" = Studio Content CD "{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6A012D9C-2E2E-405A-B87C-E909F5297C3F}" = Studio 10 Bonus DVD "{75ECB75A-522C-4312-8DE7-597CDA9D96A3}" = HP Mobile Data Protection System "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 C3 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI "{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch "{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.1 - Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 C3 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom NetXtreme Ethernet Controller "{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}" = HP Credential Manager for ProtectTools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DFEDA4ED-E67D-4E5E-8FDE-C628B4DCA01B}" = ATI Catalyst Control Center "{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B5 "{E7485CE5-C004-44D6-AA3E-7EE4DFE2B70E}" = HP Support Phone Numbers "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F500FE1A-5B52-4851-9813-7541E157ACC4}" = HP User Guides 0020 "{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "3DJongg" = 3DJongg "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Akademie der Magie" = Akademie der Magie "ATI Display Driver" = ATI Display Driver "avast" = avast! Free Antivirus "Cell Mahjongg" = Cell Mahjongg "Click'N Design 3D for AfterBurner(tm) (V5)" = Click'N Design 3D for AfterBurner(tm) (V5) "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "EPSON Scanner" = EPSON Scan "EPSON SX130 Series" = Druckerdeinstallation für EPSON SX130 Series "EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series "FILEminimizer Pictures_is1" = FILEminimizer Pictures "GearDrivers" = GearDrivers "Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6 "Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio "ie8" = Windows Internet Explorer 8 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Jongi Jongo 2" = Jongi Jongo 2 "K!TV" = K!TV "MD Mahjongg" = MD Mahjongg "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de) "PerfV10_V100 Ben.handbuch" = PerfV10_V100 Ben.handbuch "Picasa2" = Picasa 2 "proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0 "QuickTime" = QuickTime "RealPlayer 6.0" = RealPlayer Basic "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Trojan Remover_is1" = Trojan Remover 6.8.2 "VLC media player" = VLC media player 1.0.1 "Windows Media Connect" = Windows Media Connect "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR Archivierer "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "X-OOM Movie Clone 4 GOLD" = X-OOM Movie Clone 4 GOLD deinstallieren ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 17.11.2009 08:29:56 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:29:57 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 15:45:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 16:00:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:23:24 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:58:09 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 13:25:44 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 16.08.2011 16:06:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 10005 Description = Produkt: J2SE Runtime Environment 5.0 Update 6 -- Diese Version von JRE ist bereits installiert. Deinstallieren Sie die Software mithilfe des Installations-/Deinstallations-Hilfsprogramms, bevor Sie sie erneut installieren. Error - 16.08.2011 16:12:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 1013 Description = Produkt: HP Software Update -- Auf Ihrem System wurde eine neuere Version von HP Software Update gefunden. Setup wird beendet. Error - 16.08.2011 16:22:48 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Setup.exe, Version 4.0.2.3, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.09.2011 05:04:33 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 24.09.2011 06:54:36 | Computer Name = JOACHIM | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 06.11.2011 04:24:26 | Computer Name = JOACHIM | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung AcroRd32.exe, Version 8.3.1.289, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x07258180. Error - 26.11.2011 07:52:25 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 7.0.1.4288, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:42 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 9.0.1.4371, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:50 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 07.02.2012 17:13:32 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. [ System Events ] Error - 11.02.2012 14:23:41 | Computer Name = JOACHIM | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error - 11.02.2012 14:28:01 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:36:06 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:59:46 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "IFXSpMgtSrv" mit den Argumenten "-Service" gestartet wurde, um den folgenden Server zu verwenden: {FBCD9C6A-72CB-47BB-99DD-2317551491DE} Error - 11.02.2012 14:59:50 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 11.02.2012 15:00:53 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing" ist vom Dienst "Distributed Transaction Coordinator" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing Triggers" ist vom Dienst "Message Queuing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Aavmker4 Aspi32 aswSnx aswSP aswTdi Fips intelppm PCLEPCI Error - 11.02.2012 15:01:13 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} [ TuneUp Events ] Error - 15.08.2011 17:43:18 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:44:58 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 18:15:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:35 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:39:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = < End of report > |
11.02.2012, 21:08 | #4 |
| 50 Euro Virus Okay und hier nochmal das ganze mit LOP Prüfung und Purity Prüfung und natürlich beide Log Files. Sorry. OTL.TXTOTL Logfile: Code:
ATTFilter OTL logfile created on: 11.02.2012 20:51:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 86,33% Memory free 4,35 Gb Paging File | 4,15 Gb Available in Paging File | 95,54% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 86,13 Gb Total Space | 33,67 Gb Free Space | 39,10% Space Free | Partition Type: NTFS Drive E: | 7,02 Gb Total Space | 6,78 Gb Free Space | 96,68% Space Free | Partition Type: FAT32 Computer Name: JOACHIM | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.11 20:04:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe PRC - [2012.02.07 20:43:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.06.29 20:06:54 | 000,043,008 | ---- | M] (Cognizance Corporation) -- C:\Programme\HPQ\IAM\Bin\asghost.exe ========== Modules (No Company Name) ========== MOD - [2012.02.07 20:43:55 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.08.21 17:07:27 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2005.10.19 09:17:58 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\atiacmxx.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus(R) SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2006.01.20 11:20:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService) SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004.08.11 01:46:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- c:\Programme\Windows Media Connect\mswmccds.exe -- (WmcCds) Windows Media Connect (WMC) SRV - [2004.08.10 22:50:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Connect\mswmcls.exe -- (WmcCdsLs) SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008.05.08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST) DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2008.04.13 19:39:44 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC) DRV - [2006.09.12 20:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2006.08.21 22:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2006.03.10 17:12:54 | 000,130,048 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) DRV - [2006.03.02 23:45:14 | 001,480,704 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006.02.15 14:56:58 | 001,342,570 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2006.02.15 14:54:10 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006.01.19 14:50:40 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R) DRV - [2006.01.10 02:00:04 | 000,022,016 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2006.01.10 02:00:04 | 000,017,920 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2005.12.12 16:00:46 | 001,120,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005.10.26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2005.10.25 19:10:44 | 000,035,488 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\psd.sys -- (PersonalSecureDrive) DRV - [2005.09.20 10:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005.09.19 12:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2005.09.19 12:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2005.09.19 12:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2005.06.10 14:26:00 | 000,035,968 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM) DRV - [2005.06.02 18:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus) DRV - [2005.05.31 11:46:26 | 000,087,936 | R--- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21) DRV - [2005.02.23 17:40:26 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2K) DRV - [2005.02.14 01:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\K!TV\Plugins\S_Bt8x8\DSDrv4.sys -- (DSDrv4) DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI) DRV - [2003.09.19 15:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2002.07.17 08:05:10 | 000,016,512 | R--- | M] (Adaptec) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32) DRV - [2001.08.18 03:35:52 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP - United States | Laptop Computers, Desktops, Printers, Servers and more IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {E78313ED-E64C-451B-9B5F-8A66A8D08A64}:2.5.10.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-sunm&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.02.07 20:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.13 19:31:13 | 000,000,000 | ---D | M] [2008.06.23 19:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions [2011.05.07 20:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions [2010.07.05 10:49:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.25 20:33:49 | 000,000,000 | ---D | M] (FireFox accelerator) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\e9divmo7.default\extensions\{E78313ED-E64C-451B-9B5F-8A66A8D08A64} [2012.02.07 20:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.01.24 12:46:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2012.02.07 20:43:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll [2012.01.16 08:14:05 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.01.16 08:14:05 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.01.16 08:14:05 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.01.16 08:14:05 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.01.16 08:14:05 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.01.16 08:14:05 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.08.21 17:12:21 | 000,437,191 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf! O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com - Informationen zum Thema 123topsearch. Diese Website steht zum Verkauf! O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 ?,,?,?,,??,??,?,? O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 15045 more lines... O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (HP Credential Manager for ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programme\HPQ\IAM\Bin\ItIeAddIN.dll (Infineon Technologies AG) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [CognizanceTS] C:\Programme\HPQ\IAM\Bin\AsTsVcc.dll (Cognizance Corporation) O4 - HKLM..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [emMON] C:\WINDOWS\emMON.exe (eMPIA Technology, Inc.) O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation) O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe () O4 - HKLM..\Run: [PTHOSTTR] C:\Programme\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TrojanScanner] C:\Programme\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O4 - HKCU..\Run: [EPSON SX130 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe () O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DVD Check.lnk = C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google-Suche - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: &Ins Deutsche übersetzen - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O12 - Plugin for: .spop - C:\Programme\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.) O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites) O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1313529194562 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7C68F90-524A-47C1-8727-644273B7E030}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\IfxWlxEN: DllName - (IfxWlxEN.dll) - C:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG) O20 - Winlogon\Notify\OneCard: DllName - (C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll) - C:\Programme\HPQ\IAM\Bin\AsWlnPkg.dll (Cognizance Corporation) O24 - Desktop Components:0 () - O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\HP Cityscape Wide.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\HP Cityscape Wide.bmp O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\geebc.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.10.15 19:13:03 | 000,000,087 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001.07.27 23:07:00 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004.04.30 15:01:00 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.11 19:59:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012.02.05 11:07:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2012.02.05 11:07:26 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2012.02.05 11:07:26 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2012.01.23 18:52:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ABBYY [2012.01.23 18:52:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ABBYY FineReader 9.0 Sprint [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Programme\ABBYY FineReader 9.0 Sprint [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ABBYY [2012.01.23 18:51:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ABBYY [2012.01.23 18:50:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL [2012.01.23 18:49:15 | 000,000,000 | ---D | C] -- C:\Program Files [2012.01.23 18:47:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Epson Software [2012.01.23 18:47:06 | 000,000,000 | ---D | C] -- C:\Programme\Epson Software [2012.01.23 18:45:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\EPSON [2012.01.23 18:44:53 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL [2012.01.23 18:44:51 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBHJE.DLL [2012.01.23 18:44:51 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BHJE.DLL [2012.01.23 18:44:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON [2012.01.23 18:44:06 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll [2012.01.23 18:44:06 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.11 19:59:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.02.11 19:59:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.02.07 21:26:05 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.02.05 18:26:01 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.02.05 11:07:08 | 000,477,430 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.02.05 11:07:08 | 000,456,308 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.02.05 11:07:08 | 000,090,438 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.02.05 11:07:08 | 000,076,230 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.02.05 08:35:29 | 000,159,744 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.23 19:26:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI [2012.01.23 18:50:29 | 000,001,778 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk [2012.01.23 18:49:15 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss [2012.01.23 18:47:57 | 000,001,951 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX130 Series.lnk [2012.01.23 18:44:09 | 000,000,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.23 19:26:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI [2012.01.23 18:50:29 | 000,001,778 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Epson Easy Photo Print.lnk [2012.01.23 18:49:10 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss [2012.01.23 18:47:57 | 000,001,951 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Benutzerhandbuch EPSON SX130 Series.lnk [2012.01.23 18:44:09 | 000,000,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk [2011.08.16 21:21:01 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2011.08.16 21:21:01 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2011.08.16 21:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2011.08.16 21:21:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2011.08.16 21:21:01 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2011.08.16 21:21:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2011.08.15 23:12:13 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll [2011.08.15 23:12:13 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll [2011.08.15 23:12:13 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll [2011.08.15 23:12:13 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll [2011.05.15 10:05:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\1z8sp5gnu44c.ini [2011.04.18 19:33:17 | 000,017,882 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\h707e7w682fxdum2y4bemy60uw646u53k5 [2011.04.18 19:33:17 | 000,017,882 | -HS- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\h707e7w682fxdum2y4bemy60uw646u53k5 [2009.06.03 19:08:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\rasqervy.dll [2009.06.03 19:08:31 | 000,000,007 | ---- | C] () -- C:\WINDOWS\sdfinacs.dll [2009.06.03 19:08:22 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sdfixwcs.dll [2008.06.23 18:42:00 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe [2008.06.23 18:42:00 | 000,002,555 | ---- | C] () -- C:\WINDOWS\unins000.dat [2008.06.17 20:02:43 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008.04.11 20:56:48 | 000,070,876 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2008.03.17 17:56:55 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\amjsnehh.ini [2008.03.04 19:39:44 | 000,162,729 | -HS- | C] () -- C:\WINDOWS\System32\cbeeg.ini [2008.01.19 19:55:14 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007.03.27 17:10:41 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll [2007.02.11 12:09:44 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2007.02.11 11:02:25 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2007.02.11 11:02:25 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2007.02.11 11:02:25 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2007.02.11 11:02:25 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2007.02.11 11:02:25 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2007.02.11 11:02:25 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2007.02.11 11:02:25 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2007.02.11 11:02:25 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2007.02.11 11:02:25 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2007.02.11 11:02:25 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat [2007.02.11 11:02:25 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2007.02.11 11:02:25 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2007.02.11 11:02:25 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2007.02.11 11:02:25 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2007.02.11 11:02:25 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2007.02.11 11:02:25 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat [2007.02.11 11:02:25 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat [2007.02.11 11:02:25 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2007.02.11 11:02:25 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007.02.11 11:01:55 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw66.bin [2007.02.11 11:01:37 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE V10V100V350EFGD.ini [2007.01.25 20:58:37 | 000,159,744 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.01.14 19:33:36 | 000,000,093 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2007.01.08 17:25:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\msvcvm20.dll [2007.01.08 17:22:13 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll [2007.01.08 17:22:10 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2006.12.05 18:39:27 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\std201mt.dll [2006.12.05 18:39:21 | 000,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006.10.24 14:01:36 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\BVid20.dll [2006.10.15 20:06:26 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini [2006.10.15 19:21:25 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL [2006.10.15 19:13:03 | 000,001,194 | ---- | C] () -- C:\WINDOWS\VFO.INI [2006.10.15 19:13:02 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll [2006.10.15 19:13:02 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll [2006.10.15 19:13:02 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll [2006.10.15 19:13:02 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll [2006.10.15 19:13:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll [2006.10.11 16:49:33 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.10.11 15:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2006.10.11 15:24:51 | 000,002,904 | ---- | C] () -- C:\WINDOWS\mozver.dat [2006.06.12 20:22:06 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe [2006.05.24 23:47:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2006.04.19 01:04:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2006.04.04 07:21:00 | 000,030,064 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006.04.04 07:06:23 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.02.15 15:04:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll [2006.02.09 12:00:28 | 000,124,347 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2005.12.01 20:11:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004.12.20 17:24:03 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll [2004.08.07 07:08:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2004.08.07 07:08:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2004.08.07 07:04:28 | 000,477,430 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.07 07:04:28 | 000,456,308 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.07 07:04:28 | 000,090,438 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.07 07:04:28 | 000,076,230 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.07 07:02:10 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004.08.07 06:57:28 | 000,339,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2004.08.07 06:52:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004.08.07 06:49:42 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2004.08.04 09:07:00 | 000,037,446 | ---- | C] () -- C:\WINDOWS\System32\ss3dfo.bin [2004.08.04 09:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.08.04 09:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.08.04 09:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004.08.04 09:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.08.04 09:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.08.04 09:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004.08.04 09:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.08.04 09:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 09:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004.08.04 09:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004.06.01 10:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL [2004.03.11 00:26:10 | 000,406,016 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe [2004.01.13 19:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002.05.28 09:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002.05.28 09:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll [1998.05.07 03:10:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ODMA32.dll ========== LOP Check ========== [2010.07.24 15:32:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adnepo [2008.01.05 20:48:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dokumente und Einstellungen [2010.07.26 16:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Elizno [2012.01.23 18:55:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\EPSON [2008.01.20 19:00:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\festplattencleaner [2010.12.23 17:19:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FILEminimizerPictures [2006.12.05 18:35:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Infineon [2006.10.15 18:54:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InterTrust [2010.07.22 15:27:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lesa [2009.01.19 16:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Magic Academy [2010.07.12 08:11:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Purui [2008.01.05 20:48:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\report [2006.10.11 22:54:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SampleView [2011.08.15 23:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Simply Super Software [2008.04.11 21:44:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\StarOffice8 [2009.04.01 16:33:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software [2010.08.14 18:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2007.04.04 16:53:09 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.01.23 18:45:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON [2006.12.05 18:35:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Infineon [2006.10.15 19:58:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle [2006.10.15 19:10:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle Studio [2011.08.15 23:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Simply Super Software [2007.03.12 19:21:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SmartSound Software Inc [2011.08.21 17:10:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2009.04.01 16:32:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.01.23 18:50:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL [2009.04.01 16:32:31 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357} ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 @Alternate Data Stream - 102 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:CB0AACC9 < End of report > und Extras.txt OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.02.2012 20:51:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 86,33% Memory free 4,35 Gb Paging File | 4,15 Gb Available in Paging File | 95,54% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 86,13 Gb Total Space | 33,67 Gb Free Space | 39,10% Space Free | Partition Type: NTFS Drive E: | 7,02 Gb Total Space | 6,78 Gb Free Space | 96,68% Space Free | Partition Type: FAT32 Computer Name: JOACHIM | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop "65533:TCP" = 65533:TCP:*:Enabled:Services "52344:TCP" = 52344:TCP:*:Enabled:Services ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Programme\Pinnacle\Studio 10\programs\RM.exe" = C:\Programme\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems, Inc.) "C:\Programme\Pinnacle\Studio 10\programs\Studio.exe" = C:\Programme\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems) "C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe" = C:\Programme\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile -- ( ) "C:\Programme\Pinnacle\Studio 10\programs\umi.exe" = C:\Programme\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems, Inc.) "C:\Programme\K!TV\K!TV.exe" = C:\Programme\K!TV\K!TV.exe:*:Enabled:K!TV - Application de TéléVision -- (K!) "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Epson Software\Event Manager\EEventManager.exe" = C:\Programme\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0515803B-5068-4599-8666-963E143C7381}" = HP Smart Card Security for ProtectTools 5.00 D4 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{2298055A-F5E6-4332-9A15-C5D99870E72F}" = HP Embedded Security for ProtectTools "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 30 "{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Device Driver "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F0D3C9E-4FB6-4A14-B0C4-42328F570177}" = Fingerprint Sensor Minimum Install "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 D2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10 "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4C643986-DE3C-4737-8472-CCEC36CCC267}" = Studio Content CD "{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6A012D9C-2E2E-405A-B87C-E909F5297C3F}" = Studio 10 Bonus DVD "{75ECB75A-522C-4312-8DE7-597CDA9D96A3}" = HP Mobile Data Protection System "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 C3 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom "{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures "{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}" = DiscAPI "{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}" = HP Notebook Accessories Product Tour "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module "{AC76BA86-7AD7-1031-7B44-A70500000002}" = Adobe Reader 7.0.5 - Deutsch "{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.1 - Deutsch "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 C3 "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B5924CA6-24A7-48F5-BC9C-8BFA94ED4564}" = LightScribe 1.4.67.1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom NetXtreme Ethernet Controller "{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}" = HP Credential Manager for ProtectTools "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5 "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{DFEDA4ED-E67D-4E5E-8FDE-C628B4DCA01B}" = ATI Catalyst Control Center "{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}" = Application Installer 4.00.B5 "{E7485CE5-C004-44D6-AA3E-7EE4DFE2B70E}" = HP Support Phone Numbers "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager "{EEECE229-49F6-4851-A73A-99B058221F8C}" = RAPID "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F500FE1A-5B52-4851-9813-7541E157ACC4}" = HP User Guides 0020 "{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "3DJongg" = 3DJongg "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Agere Systems Soft Modem" = Agere Systems HDA Modem "Akademie der Magie" = Akademie der Magie "ATI Display Driver" = ATI Display Driver "avast" = avast! Free Antivirus "Cell Mahjongg" = Cell Mahjongg "Click'N Design 3D for AfterBurner(tm) (V5)" = Click'N Design 3D for AfterBurner(tm) (V5) "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "EPSON Scanner" = EPSON Scan "EPSON SX130 Series" = Druckerdeinstallation für EPSON SX130 Series "EPSON SX130 Series Useg" = Benutzerhandbuch EPSON SX130 Series "FILEminimizer Pictures_is1" = FILEminimizer Pictures "GearDrivers" = GearDrivers "Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6 "Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio "ie8" = Windows Internet Explorer 8 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "Jongi Jongo 2" = Jongi Jongo 2 "K!TV" = K!TV "MD Mahjongg" = MD Mahjongg "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de) "PerfV10_V100 Ben.handbuch" = PerfV10_V100 Ben.handbuch "Picasa2" = Picasa 2 "proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0 "QuickTime" = QuickTime "RealPlayer 6.0" = RealPlayer Basic "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Trojan Remover_is1" = Trojan Remover 6.8.2 "VLC media player" = VLC media player 1.0.1 "Windows Media Connect" = Windows Media Connect "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR Archivierer "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "X-OOM Movie Clone 4 GOLD" = X-OOM Movie Clone 4 GOLD deinstallieren ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 17.11.2009 08:29:56 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:29:57 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 17.11.2009 08:30:22 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 15:45:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 25.11.2009 16:00:42 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:23:24 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 12:58:09 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = Error - 12.06.2010 13:25:44 | Computer Name = JOACHIM | Source = avast! | ID = 33554522 Description = [ Application Events ] Error - 16.08.2011 16:06:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 10005 Description = Produkt: J2SE Runtime Environment 5.0 Update 6 -- Diese Version von JRE ist bereits installiert. Deinstallieren Sie die Software mithilfe des Installations-/Deinstallations-Hilfsprogramms, bevor Sie sie erneut installieren. Error - 16.08.2011 16:12:02 | Computer Name = JOACHIM | Source = MsiInstaller | ID = 1013 Description = Produkt: HP Software Update -- Auf Ihrem System wurde eine neuere Version von HP Software Update gefunden. Setup wird beendet. Error - 16.08.2011 16:22:48 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Setup.exe, Version 4.0.2.3, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 11.09.2011 05:04:33 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 24.09.2011 06:54:36 | Computer Name = JOACHIM | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 06.11.2011 04:24:26 | Computer Name = JOACHIM | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung AcroRd32.exe, Version 8.3.1.289, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x07258180. Error - 26.11.2011 07:52:25 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 7.0.1.4288, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:42 | Computer Name = JOACHIM | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 9.0.1.4371, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 30.01.2012 11:40:50 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. Error - 07.02.2012 17:13:32 | Computer Name = JOACHIM | Source = IFXSPMGT | ID = 2687328 Description = The Upgrade Tool returned an error. [ System Events ] Error - 11.02.2012 14:23:41 | Computer Name = JOACHIM | Source = Cdrom | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden. Error - 11.02.2012 14:28:01 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:36:06 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7022 Description = Der Dienst "avast! Antivirus" wurde nicht ordnungsgemäß gestartet. Error - 11.02.2012 14:59:46 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "IFXSpMgtSrv" mit den Argumenten "-Service" gestartet wurde, um den folgenden Server zu verwenden: {FBCD9C6A-72CB-47BB-99DD-2317551491DE} Error - 11.02.2012 14:59:50 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 11.02.2012 15:00:53 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing" ist vom Dienst "Distributed Transaction Coordinator" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Message Queuing Triggers" ist vom Dienst "Message Queuing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error - 11.02.2012 15:00:57 | Computer Name = JOACHIM | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Aavmker4 Aspi32 aswSnx aswSP aswTdi Fips intelppm PCLEPCI Error - 11.02.2012 15:01:13 | Computer Name = JOACHIM | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811} [ TuneUp Events ] Error - 15.08.2011 17:43:18 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:44:58 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 17:45:45 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 15.08.2011 18:15:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:34 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:03:35 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:04:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = Error - 16.08.2011 16:39:20 | Computer Name = JOACHIM | Source = TuneUp Program Statistics | ID = 131840 Description = < End of report > |
Themen zu 50 Euro Virus |
50 euro, 50 euro virus, 50-euro-virus, board, ebook, euro, gefunde, google, hoffe, notebook, otl.exe, personen, problem, suche, troja, trojaner, trojaner board, virus |