| ![]() Achtung! Aus Sicherheitsgründen Wurde Ihr Windowssystem Blockiert Hallo Leute, ich bin leider auch von diesem Virus befallen worden. Ich habe auch schon ein paar Logs mit. Vielen Dank schonmal im vorraus. OTL.log Code:
ATTFilter OTL logfile created on: 28.03.2012 21:34:10 - Run 1 OTL by OldTimer - Version Folder = C:\Dokumente und Einstellungen\Administrator\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,05 Mb Total Physical Memory | 797,69 Mb Available Physical Memory | 78,05% Memory free 2,40 Gb Paging File | 2,32 Gb Available in Paging File | 96,78% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 31,69 Gb Free Space | 42,52% Space Free | Partition Type: NTFS Drive E: | 3,75 Gb Total Space | 3,60 Gb Free Space | 95,87% Space Free | Partition Type: FAT32 Computer Name: SN482343509837 | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Processes (SafeList) ========== PRC - [2012.03.28 20:38:50 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2012.01.03 15:10:46 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\ovykpfk.dll -- (gpxgks) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.02.27 01:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Programme\Norton AntiVirus\Engine\\ccSvcHst.exe -- (NAV) SRV - [2010.11.05 11:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Stopped] -- C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe -- (Lexware_Datenbank_Plus) SRV - [2005.05.11 14:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Stopped] -- C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service) SRV - [2005.05.11 14:50:34 | 000,110,672 | ---- | M] () [Auto | Stopped] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS) SRV - [2005.05.11 14:50:14 | 000,221,266 | ---- | M] () [Auto | Stopped] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS) SRV - [2005.01.07 12:01:52 | 000,049,152 | ---- | M] () [Auto | Stopped] -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService) SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2004.11.09 22:36:01 | 001,140,312 | ---- | M] (America Online, Inc.) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe -- (AOL ACS) SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.03.28 19:45:05 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120328.002\navex15.sys -- (NAVEX15) DRV - [2012.03.28 19:45:05 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20120328.002\naveng.sys -- (NAVENG) DRV - [2012.03.06 17:04:10 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20120327.002\IDSXpx86.sys -- (IDSxpx86) DRV - [2012.03.02 20:58:02 | 000,820,856 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20120317.002\BHDrvx86.sys -- (BHDrvx86) DRV - [2012.02.04 21:29:43 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012.02.04 21:29:43 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011.12.16 18:01:38 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011.05.10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl) DRV - [2011.04.21 03:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\symtdi.sys -- (SYMTDI) DRV - [2011.03.31 05:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\srtsp.sys -- (SRTSP) DRV - [2011.03.31 05:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011.03.15 04:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\symefa.sys -- (SymEFA) DRV - [2011.01.27 08:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\symds.sys -- (SymDS) DRV - [2010.11.16 03:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\NAV\1207000.00D\ironx86.sys -- (SymIRON) DRV - [2009.08.26 22:41:08 | 000,016,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hppaufd0.sys -- (dot4ufd) DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2007.06.19 09:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm) DRV - [2007.06.19 09:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) DRV - [2007.06.19 09:51:18 | 000,097,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) DRV - [2007.06.19 09:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex) DRV - [2007.06.19 09:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl) DRV - [2007.06.19 09:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM) DRV - [2006.12.20 18:35:39 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM) DRV - [2005.09.20 19:03:44 | 000,008,320 | ---- | M] (Leadtek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfdbmodr.sys -- (MODRC) DRV - [2005.09.20 19:03:38 | 000,018,560 | ---- | M] (Leadtek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfdbload.sys -- (WFDBLOAD) DRV - [2005.09.20 19:03:34 | 000,029,952 | ---- | M] (Leadtek) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wfdbbda.sys -- (wfdbbda) DRV - [2005.09.14 23:58:30 | 001,339,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005.06.03 17:50:40 | 000,162,176 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21) DRV - [2005.05.25 16:55:58 | 003,134,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2005.03.04 12:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2005.01.07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService) DRV - [2005.01.06 17:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Programme\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL) DRV - [2004.10.29 19:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R) DRV - [2003.01.10 23:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3524854405-904435096-1424309521-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\5060 [2011.12.16 16:55:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\IPSFFPlgn\ [2012.02.11 13:14:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.09 08:35:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.14 09:20:44 | 000,000,000 | ---D | M] [2011.01.24 18:27:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.12.03 20:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 20:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 20:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 20:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 20:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 15:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O2 - BHO: (no name) - {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - No CLSID value found. O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - No CLSID value found. O2 - BHO: (no name) - {EFF39A40-C163-4d5d-B073-52FBB55C646A} - No CLSID value found. O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [PCMService] c:\Apps\Powercinema\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_02\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [WinFast Schedule] C:\Programme\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.) O4 - HKLM..\Run: [WinFastDTV] C:\Programme\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.) O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found O4 - Startup: C:\Dokumente und Einstellungen\Staples\Startmenü\Programme\Autostart\FAXRX.lnk = C:\Programme\Brother\Brmfl04g\FAXRX.exe (Brother) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3524854405-904435096-1424309521-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5137A608-75F1-4215-B754-34D2306C986E}: DhcpNameServer = O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\APPS\DESKTOP\desktop.htm O24 - Desktop BackupWallPaper: C:\APPS\DESKTOP\desktop.htm O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 60 Days ========== [2012.03.28 21:33:44 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe [2012.03.28 21:33:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache [2012.03.28 21:32:50 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft [2012.03.28 21:32:50 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten [2012.03.28 21:32:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik [2012.03.28 21:32:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien [2012.03.28 21:32:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder [2012.03.28 21:32:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop [2012.03.28 21:32:50 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies [2012.03.28 21:32:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\You've Got Pictures Screensaver [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Symantec [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\My Skype Pictures [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities [2012.03.28 21:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Help [2012.03.28 21:32:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo [2012.03.28 21:32:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent [2012.03.28 21:32:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör [2012.03.28 21:32:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü [2012.03.28 21:32:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten [2012.03.28 21:32:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart [2012.03.28 21:32:49 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen [2012.03.28 21:32:49 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung [2012.03.28 21:32:49 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\PowerCinema [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Help [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.03.28 21:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150040} [2012.03.28 20:24:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner [2012.03.28 20:24:43 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2012.03.28 19:54:05 | 000,000,000 | ---D | C] -- C:\bd_logs [2012.03.26 18:10:04 | 000,000,000 | ---D | C] -- C:\447fc9299972ed3875b9cae49d [2012.03.23 16:36:52 | 000,000,000 | ---D | C] -- C:\fd744f84f26f0f37764d2dfb4185 [2012.03.15 10:10:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes [2012.03.15 10:09:01 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2012.03.15 10:08:42 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2012.03.02 12:30:27 | 000,000,000 | ---D | C] -- C:\afd42c2e07b5a6b45d155cb4a7b5d23e [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 60 Days ========== [2012.03.28 21:33:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.03.28 21:32:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.03.28 20:54:43 | 000,340,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.03.28 20:38:50 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe [2012.03.28 20:32:12 | 000,001,218 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3524854405-904435096-1424309521-1006UA.job [2012.03.28 20:24:47 | 000,000,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2012.03.28 19:30:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Erweiterte Garantie.job [2012.03.27 20:52:25 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini [2012.03.27 20:52:24 | 000,000,032 | ---- | M] () -- C:\WINDOWS\BrmfXCh1.ini [2012.03.25 08:00:14 | 000,506,822 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.03.25 08:00:14 | 000,484,892 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.03.25 08:00:14 | 000,096,616 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.03.25 08:00:14 | 000,080,906 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.03.24 09:39:48 | 000,002,581 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TAXMAN 2012.lnk [2012.03.23 12:32:04 | 000,001,166 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3524854405-904435096-1424309521-1006Core.job [2012.03.23 12:29:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2012.03.23 12:10:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.03.23 07:30:55 | 000,001,398 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini [2012.03.23 07:30:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\brdfxspd.dat [2012.03.18 10:02:38 | 000,002,581 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TAXMAN 2010.lnk [2012.03.15 10:10:25 | 000,001,525 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2012.03.15 09:52:27 | 000,724,628 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1207000.00D\Cat.DB [2012.03.14 16:14:35 | 000,000,432 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI [2012.03.14 16:14:34 | 000,000,034 | ---- | M] () -- C:\WINDOWS\System32\BD2040.DAT [2012.03.12 09:35:46 | 000,002,581 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TAXMAN 2011.lnk [2012.03.05 16:20:49 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.02.15 12:01:50 | 004,547,944 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll [2012.02.13 19:35:39 | 000,004,632 | ---- | M] () -- C:\{1D86652B-6CBD-48E0-A71A-31C72EDE75C6} [2012.02.11 09:59:57 | 000,001,852 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton AntiVirus.LNK [2012.02.03 11:57:08 | 001,860,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2012.02.03 11:57:08 | 001,860,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.28 21:32:51 | 000,002,511 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\secedit.INTEG.RAW [2012.03.28 21:32:51 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2012.03.28 21:32:50 | 000,001,506 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk [2012.03.28 21:32:50 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk [2012.03.28 21:32:50 | 000,000,625 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Outlook Express.lnk [2012.03.28 20:24:45 | 000,000,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2012.03.18 10:02:38 | 000,002,581 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TAXMAN 2010.lnk [2012.03.15 10:10:24 | 000,001,525 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk [2012.03.14 16:14:34 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2040.DAT [2012.03.12 09:35:46 | 000,002,581 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TAXMAN 2011.lnk [2012.02.16 18:07:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.02.16 18:07:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.02.13 19:35:39 | 000,004,632 | ---- | C] () -- C:\{1D86652B-6CBD-48E0-A71A-31C72EDE75C6} [2012.01.19 17:09:55 | 000,075,420 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011.09.27 12:17:26 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll [2011.09.27 12:16:20 | 000,304,128 | ---- | C] () -- C:\WINDOWS\System32\LxDNT100.dll [2011.09.27 12:14:14 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\LxDNTvmc100.dll [2011.09.27 12:13:58 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\LxDNTvm100.dll [2011.05.13 10:03:16 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll [2011.05.13 10:01:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll [2011.05.13 10:01:00 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll [2011.03.09 00:13:28 | 000,198,104 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.03.08 11:03:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat ========== LOP Check ========== [2008.02.01 16:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve [2008.02.01 16:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe [2012.01.09 18:01:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware [2006.12.20 18:40:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OD2 [2011.12.16 17:21:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCSettings [2012.01.19 15:26:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ruerup-XXL-Rechner [2007.04.04 18:22:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2006.12.20 18:35:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2009.09.07 17:54:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vorsorge und Finanzplanung [2011.12.29 10:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} [2011.06.06 21:24:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2008.07.21 11:59:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\Haufe [2007.03.08 19:21:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\Leadertech [2008.02.01 16:19:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\Lexware [2007.02.08 13:57:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\OD2 [2007.04.04 18:31:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\ScanSoft [2011.07.14 15:16:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\TeamViewer [2011.09.20 09:51:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Staples\Anwendungsdaten\Uniblue [2012.03.28 19:30:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Erweiterte Garantie.job [2007.02.08 13:52:04 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registrierungserinnerung 3.job ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 28.03.2012 21:34:10 - Run 1 OTL by OldTimer - Version Folder = C:\Dokumente und Einstellungen\Administrator\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,05 Mb Total Physical Memory | 797,69 Mb Available Physical Memory | 78,05% Memory free 2,40 Gb Paging File | 2,32 Gb Available in Paging File | 96,78% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 74,52 Gb Total Space | 31,69 Gb Free Space | 42,52% Space Free | Partition Type: NTFS Drive E: | 3,75 Gb Total Space | 3,60 Gb Free Space | 95,87% Space Free | Partition Type: FAT32 Computer Name: SN482343509837 | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "26675:TCP" = 26675:TCP: Service [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2928:TCP" = 2928:TCP:*:Enabled:mxupj "26675:TCP" = 26675:TCP: Service ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL9~1.0 -- (America Online, Inc.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%ProgramFiles%\AOL 9.0\aol.exe" = %ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL -- (America Online, Inc.) "%ProgramFiles%\Ahead\SIPPS\SIPPS.exe" = %ProgramFiles%\Ahead\SIPPS\SIPPS.exe:*:Enabled:SIPPS "C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL9~1.0 -- (America Online, Inc.) "C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe" = C:\Programme\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:Enabled:Lexware Datenbank Server -- (iAnywhere Solutions, Inc.) "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0197D136-598D-4968-BEEA-91C1B764F05D}" = Lexware buchhalter 2012 "{02C8D4A2-7074-4A6F-8422-7BD6788F3197}" = Steuer Update 14.01 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{1716D952-F601-4A07-8988-7FCFAEDE6FDC}" = TAXMAN Bibliothek 2008 "{1923679F-C14B-4790-BC54-EFA3FCDE147B}" = Lexware Elster "{1E38282D-150E-48BF-8EAE-AC96BC996D3A}" = Lexware buchhalter Aktualisierung Februar 2008, Version 13.10 "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD "{225C12AE-BB37-4EE3-8935-583E2F0E6644}" = Lexware reisekosten 2009 "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011 "{37BC8FCE-15B1-456E-A62C-EEB175B71340}" = Lexware reisekosten plus 2011 "{3A7E8601-F0C9-49A0-855A-EEDEEFE11F7E}" = Lexware buchhalter 2007 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3EAE4683-E5EE-4835-AAAF-9F2A3014E04B}" = Lexware reisekosten 2007 "{406A5ABF-CA65-4E11-95C7-52228FE48F58}" = TIxx21 "{43922202-9C8F-466B-8038-16AC60AAEED2}" = Multimedia Driver "{49206187-46B4-4CA5-9EE0-C05A8F3C4A29}" = Lexware buchhalter 2005 "{4F91BB7B-34E9-4B52-B997-DD79C18EBB9C}" = Steuer Update 14.01 "{57456DD2-4CDD-4245-A5E6-D865CD8E0238}" = Lexware reisekosten 2009 "{5C5B0836-9648-4057-8044-2DF181E073E2}" = TAXMAN 2010 "{62B7C52C-CAB6-48B1-8245-52356C141C92}" = RENESIS® Player Browser Plugins "{700C61BE-9424-4B20-9153-7A0C59722AF4}" = TAXMAN Bibliothek 2009 "{70788C1F-9CFB-41A8-807F-E79AE0F9C6FD}" = Lexware reisekosten 2007 "{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player "{7E81E513-27E6-4EC2-BA25-ECF1023A070D}" = Lexware reisekosten 2007 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A13AC4B-2B64-490D-9E75-A2A2CA5E553A}" = Lexware buchhalter 2005 "{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes "{8CE37484-B5C2-497E-8501-D339F1D828CC}" = Lexware reisekosten 2008 "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies "{91E0258F-5EB1-4790-A92C-F5882DF1D3B5}" = DVAG Online-System "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{B1A4CE9C-0D98-43D0-8815-2212F3752063}" = Lexware reisekosten 2008 "{B26CEFDF-DD0A-4145-ADE6-EE3440DB6711}" = Lexware reisekosten 2007 "{B6C39270-57A2-46F6-96A1-C73EC1503552}" = Lexware buchhalter 2005 für Steuererklärungsprodukte "{B877EB7B-DE53-46F7-AF2A-AF5E3677B625}" = Lexware buchhalter 2007 "{B9730F5B-AAE9-4D89-ADEC-424F8E5B9325}" = Steuer Update 14.01 "{BC63A4AC-435D-4AAD-9881-D0ED60804D1A}" = Lexware buchhalter Aktualisierung Februar 2008, Version 13.10 "{BCADA220-5AD9-11D8-9EAF-0001021625FE}" = TAXMAN 2005 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C47AFA6E-29EC-4F88-8A05-0C3146016BAE}" = Lexware reisekosten Steuerversion "{C5CBE2E8-10AD-4786-A7C4-4B7E86525F50}" = Steuer Update 15.09 "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast DTV "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBC544C4-EBFC-4471-8FE3-BF3DDCEE3840}" = Lexware buchhalter 2007 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D34A78EB-78F2-48ab-8CAE-5D4DC255A491}" = Lexware reisekosten plus 2011 "{D5C8E140-6E6F-11DD-9AA9-0050560400B1}" = Haufe iDesk-Service "{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite "{DAF15921-FA90-4427-82A2-1852A9BAC99A}" = Lexware Datenbank plus 2011 "{DD9BA285-2A1F-4163-8DC4-A3A2B395EFB5}" = TAXMAN 2009 "{E2500C71-5D43-4BA0-B044-9BA9A3A11CAD}" = Lexware buchhalter 2007 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E98371BD-6C0D-463E-B004-E6303F9A34A7}" = Lexware buchhalter 2008 "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EC4D5610-F99A-41C8-BA00-9801F81A46CD}" = Lexware buchhalter 2007 "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{EFE38CC6-2592-4F93-B59B-CE4B69600890}" = TAXMAN 2009 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F331FBDC-7DCF-4598-9E7C-E11865677AB4}" = TAXMAN 2008 "{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service "{F48AAE0F-52F4-11DD-B1F7-0050560400B1}" = Haufe iDesk-Browser "{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012 "{FD745DD6-2E01-4A2F-89E3-1FD5B9235BE9}" = TAXMAN 2008 "{FE688026-1C8C-4E50-889D-4B6607CADC24}" = Lexware buchhalter 2008 "Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2 "CCleaner" = CCleaner "Dynamic Toolbar_is1" = Packard Bell Toolbar 1.0 "Google Updater" = Google Updater "HaufeReader" = HaufeReader "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NAV" = Norton AntiVirus "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "TAX_05" = TAXMAN Bibliothek 2005 "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 28.03.2012 13:35:40 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Update "KB976765" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\DOKUME~1\Staples\LOKALE~1\Temp\Microsoft .NET Framework 3.0-KB982168_20120328_173507726-Msi0.txt enthalten. Error - 28.03.2012 13:35:40 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Update "KB980773" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\DOKUME~1\Staples\LOKALE~1\Temp\Microsoft .NET Framework 3.0-KB982168_20120328_173507726-Msi0.txt enthalten. Error - 28.03.2012 13:35:41 | Computer Name = SN482343509837 | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168, P2 1031, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 28.03.2012 13:38:47 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Problem mit diesem Windows Installer-Paket. Weitere Informationen finden Sie im Setup-Protokoll. Error - 28.03.2012 13:38:49 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Update "KB980773" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\DOKUME~1\Staples\LOKALE~1\Temp\Microsoft .NET Framework 2.0-KB2656352_20120328_173549166-Msi0.txt enthalten. Error - 28.03.2012 13:38:49 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Update "KB2656352" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\DOKUME~1\Staples\LOKALE~1\Temp\Microsoft .NET Framework 2.0-KB2656352_20120328_173549166-Msi0.txt enthalten. Error - 28.03.2012 13:38:50 | Computer Name = SN482343509837 | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2656352, P2 1031, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 28.03.2012 13:40:55 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 10005 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 -- Problem mit diesem Windows Installer-Paket. Weitere Informationen finden Sie im Setup-Protokoll. Error - 28.03.2012 13:40:58 | Computer Name = SN482343509837 | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 2.0 Service Pack 2 - Update "KB2633880" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\DOKUME~1\Staples\LOKALE~1\Temp\Microsoft .NET Framework 2.0-KB2633880_20120328_173857987-Msi0.txt enthalten. Error - 28.03.2012 13:40:59 | Computer Name = SN482343509837 | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb2633880, P2 1031, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. [ System Events ] Error - 28.03.2012 13:28:03 | Computer Name = SN482343509837 | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 2.0 SP2 unter Windows Server 2003 und Windows XP x86 (KB2633880) Error - 28.03.2012 13:35:47 | Computer Name = SN482343509837 | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Microsoft .NET Framework*3.5 SP1-Update für Windows Server*2003 und Windows*XP x86 (KB982168) Error - 28.03.2012 13:38:56 | Computer Name = SN482343509837 | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 2.0 SP2 unter Windows Server 2003 und Windows XP x86 (KB2656352) Error - 28.03.2012 13:41:05 | Computer Name = SN482343509837 | Source = Windows Update Agent | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 2.0 SP2 unter Windows Server 2003 und Windows XP x86 (KB2633880) Error - 28.03.2012 13:42:58 | Computer Name = SN482343509837 | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease für die Netzwerkkarte mit der Netzwerkadresse 001636D25DA8 wurde durch den DHCP-Server abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 28.03.2012 13:48:48 | Computer Name = SN482343509837 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error - 28.03.2012 13:50:43 | Computer Name = SN482343509837 | Source = Service Control Manager | ID = 7011 Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung von Dienst NAV. /// Winkelfunktion /// TB-Süch-Tiger™
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden. Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
| ![]() Achtung! Aus Sicherheitsgründen Wurde Ihr Windowssystem Blockiert Viele Dank für die Hilfe.
Ich konnte die Systeme bereinigen. Zumindestens so das ich die Daten sichern kann zum neu installieren. Ich bin echt begeistert von diesem Forum und was man hier schon allein über die Suchfunktion erfahren kann. Vielen vielen Dank. Benutzt habe ich Malwarebytes und Kapersky Rescue Disk 10. Kann erfolgreich geschlossen werden.
