#5

GVU Trojan on laptop (Windows Vista / 32-bit system)

I only recently took over the laptop second-hand; I actually thought everything on it was up to date.

Here is the ESET log:

Code:
C:\Users\*\Downloads\installer_driver_netgear_ma111_2_0_Deutsch.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined

OTL Logfile:

Code:
ATTFilter OTL logfile created on: 02.09.2012 20:39:32 - Run 3 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\*\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,17% Memory free 4,23 Gb Paging File | 3,00 Gb Available in Paging File | 70,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 221,31 Gb Total Space | 113,13 Gb Free Space | 51,12% Space Free | Partition Type: NTFS Drive D: | 11,57 Gb Total Space | 2,18 Gb Free Space | 18,85% Space Free | Partition Type: NTFS Computer Name: HPNOTE | User Name: * | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.02 14:21:26 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.08.30 22:53:02 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\side\Desktop\OTL.exe PRC - [2011.06.30 11:53:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.30 11:53:56 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.11.22 17:53:41 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows 
Defender\MSASCui.exe PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.19 09:33:04 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2007.09.15 10:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe PRC - [2007.08.17 15:27:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.07.25 08:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.07.25 08:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007.01.17 15:34:18 | 000,634,880 | ---- | M] (Motorola Inc.) -- C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2000.02.25 02:23:44 | 008,810,548 | R--- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office\WINWORD.EXE ========== Modules (No Company Name) ========== MOD - [2012.09.02 14:21:25 | 002,242,528 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2012.07.31 13:34:48 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2007.09.30 20:34:52 | 000,345,384 | ---- | M] () -- C:\Programme\Hp\QuickPlay\Kernel\TV\CLTinyDB.dll MOD - [2007.09.30 20:34:42 | 000,255,384 | ---- | M] () -- C:\Programme\Hp\QuickPlay\Kernel\TV\CLCapEngine.dll MOD - [2007.09.30 20:34:42 | 000,120,208 | ---- | M] () -- C:\Programme\Hp\QuickPlay\Kernel\TV\CLSchMgr.dll MOD - [2007.09.30 20:34:42 | 000,038,184 | ---- | M] () -- C:\Programme\Hp\QuickPlay\Kernel\TV\CLCapSvcps.dll ========== Services (SafeList) ========== SRV - [2012.09.02 14:21:25 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance 
Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.22 00:35:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.08.15 18:03:23 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.06.30 11:53:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.30 11:53:56 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2007.07.25 08:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2007.03.05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[On_Demand | Stopped] -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2011.06.30 11:53:56 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.06.30 11:53:56 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.10.03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008.11.17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2007.09.18 01:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.07.11 11:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid) DRV - [2007.06.28 17:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007.06.18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2007.03.21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007.01.17 15:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{32A10E6B-4466-4C22-ABD0-3177E7EE05BA}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = 
hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{CD32024F-867F-498D-8290-012F95967AE4}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{32A10E6B-4466-4C22-ABD0-3177E7EE05BA}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_deDE394 IE - HKCU\..\SearchScopes\{CD32024F-867F-498D-8290-012F95967AE4}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program 
Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.02 14:21:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.02 14:19:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.02 14:21:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.02 14:19:03 | 000,000,000 | ---D | M] [2010.02.14 18:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\side\AppData\Roaming\mozilla\Extensions [2012.08.08 02:07:11 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\side\AppData\Roaming\mozilla\Firefox\Profiles\bmzafqmu.default\extensions [2012.08.08 02:07:11 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\side\AppData\Roaming\mozilla\Firefox\Profiles\bmzafqmu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.08.02 16:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.09.02 14:21:26 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.09.02 14:21:22 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.02 14:21:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.09.02 14:21:22 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.09.02 14:21:22 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.02 14:21:22 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.02 14:21:22 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10ze_Plugin.exe (Adobe Systems, Inc.) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\side\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98C85D7A-6827-4D07-A101-CDB8113A4B4C}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\side\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\side\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- 
| M] () - D:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.09.02 14:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.09.02 14:19:03 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.09.02 14:19:03 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.09.02 14:19:03 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.09.02 14:18:30 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.09.02 14:18:30 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.09.02 14:18:30 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.08.31 14:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.08.31 14:15:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.08.31 11:28:18 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Malwarebytes [2012.08.31 11:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.08.31 11:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.08.31 11:27:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.08.31 11:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.08.30 22:52:57 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\side\Desktop\OTL.exe [2012.08.24 00:05:13 | 
000,000,000 | ---D | C] -- C:\Users\side\Documents\Armies of Exigo [2012.08.23 23:58:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive [2012.08.23 23:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\City Interactive [2012.08.22 00:35:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012.08.19 18:34:51 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Ahab [2012.08.19 18:34:50 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Vyeqro [2012.08.19 18:34:50 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Alhuog [2012.08.19 02:53:20 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\GTek [2012.08.19 02:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2012.08.19 02:48:32 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\HpUpdate [2012.08.19 02:48:28 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard [2012.08.18 02:09:49 | 000,000,000 | ---D | C] -- C:\Users\side\Desktop\Neuer Ordner [2012.08.16 01:10:09 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Template [2012.08.15 22:31:41 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2012.08.15 22:31:41 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III [2012.08.15 17:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012.08.15 17:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.08.15 17:59:37 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2012.08.13 10:19:38 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Local\Microsoft Games [2012.08.09 20:25:46 | 000,000,000 | ---D | C] -- C:\Users\side\Desktop\Bilder [2012.08.09 20:25:09 | 000,000,000 | ---D | C] -- C:\Users\side\Desktop\Dateien [2012.08.09 00:52:24 | 000,000,000 | ---D | C] -- C:\Users\side\Desktop\Musik 
[2012.08.08 12:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm [2012.08.08 12:32:17 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Local\Last.fm [2012.08.08 12:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm [2012.08.08 12:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Last.fm [2012.08.08 02:07:10 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\DVDVideoSoftIEHelpers [2012.08.08 02:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.08.08 02:06:57 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\System32\Newtonsoft.Json.Net20.dll [2012.08.08 02:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2012.08.08 02:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012.08.08 02:06:08 | 000,000,000 | ---D | C] -- C:\Users\side\AppData\Roaming\DVDVideoSoft [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.02 20:47:33 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.02 20:47:33 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.02 20:47:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.09.02 20:45:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{917AC808-2C2F-42C5-87A1-CA938C1B7AB6}.job [2012.09.02 20:35:55 | 000,048,096 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.09.02 20:35:55 | 000,048,096 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.09.02 20:35:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.02 14:50:03 | 000,000,163 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2012.09.02 14:48:55 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 
[2012.09.02 14:47:52 | 001,656,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.09.02 14:47:17 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys [2012.09.02 14:45:29 | 000,231,166 | ---- | M] () -- C:\Users\side\Documents\cc_20120902_144509.reg [2012.09.02 14:17:59 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.09.02 14:17:53 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.09.02 14:17:53 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.09.02 14:17:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.09.02 14:17:53 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.09.02 14:17:52 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.09.02 13:41:16 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk [2012.08.31 14:15:33 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.08.31 11:27:43 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.30 23:09:37 | 000,302,592 | ---- | M] () -- C:\Users\side\Desktop\tvlzh26h.exe [2012.08.30 22:53:02 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\side\Desktop\OTL.exe [2012.08.30 22:51:56 | 000,000,000 | ---- | M] () -- C:\Users\side\defogger_reenable [2012.08.30 22:48:43 | 000,050,477 | ---- | M] () -- C:\Users\side\Desktop\Defogger.exe [2012.08.23 23:58:21 | 000,001,017 | ---- | M] () -- C:\Users\side\Desktop\Armies of Exigo.lnk [2012.08.22 12:15:45 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.08.22 12:15:45 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.08.22 12:15:45 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.08.22 12:15:45 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.08.16 
01:10:09 | 000,000,128 | ---- | M] () -- C:\Users\side\AppData\Roaming\wklnhst.dat [2012.08.15 23:21:21 | 000,055,065 | ---- | M] () -- C:\Windows\War3Unin.dat [2012.08.15 23:21:14 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe [2012.08.15 23:21:14 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.02 14:45:14 | 000,231,166 | ---- | C] () -- C:\Users\side\Documents\cc_20120902_144509.reg [2012.09.02 13:41:16 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk [2012.09.02 13:41:15 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk [2012.08.31 14:15:33 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.08.31 11:27:43 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.08.30 23:09:36 | 000,302,592 | ---- | C] () -- C:\Users\side\Desktop\tvlzh26h.exe [2012.08.30 22:51:56 | 000,000,000 | ---- | C] () -- C:\Users\side\defogger_reenable [2012.08.30 22:48:40 | 000,050,477 | ---- | C] () -- C:\Users\side\Desktop\Defogger.exe [2012.08.30 22:42:51 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys [2012.08.23 23:58:21 | 000,001,017 | ---- | C] () -- C:\Users\side\Desktop\Armies of Exigo.lnk [2012.08.22 00:46:15 | 000,001,088 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk [2012.08.22 00:43:26 | 000,001,264 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk [2012.08.22 00:43:03 | 000,001,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk [2012.08.22 00:39:24 | 000,000,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk [2012.08.16 01:10:06 | 000,000,128 | ---- | C] () -- C:\Users\side\AppData\Roaming\wklnhst.dat 
[2012.08.15 22:31:41 | 000,055,065 | ---- | C] () -- C:\Windows\War3Unin.dat [2012.08.15 22:31:41 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif [2011.06.30 12:28:48 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.06.30 12:28:48 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.08.28 16:46:33 | 000,017,408 | ---- | C] () -- C:\Users\side\AppData\Local\WebpageIcons.db [2010.07.18 10:59:32 | 000,048,096 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010.07.18 10:59:32 | 000,048,096 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010.02.14 15:19:07 | 000,000,680 | ---- | C] () -- C:\Users\side\AppData\Local\d3d9caps.dat [2008.03.12 22:01:37 | 000,003,584 | ---- | C] () -- C:\Users\side\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.03.09 15:49:40 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2008.01.21 22:19:35 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLec.DAT [2008.01.21 22:13:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Galaxy Swirl [2008.01.21 22:13:01 | 000,000,268 | RH-- | C] () -- C:\Users\side\AppData\Roaming\Frameworks [2008.01.21 22:13:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLds.DAT [2008.01.21 22:13:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Grapher [2008.01.21 22:04:45 | 000,027,240 | ---- | C] () -- C:\Users\side\AppData\Roaming\nvModes.001 [2008.01.21 22:03:44 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2008.01.21 21:56:43 | 000,027,240 | ---- | C] () -- C:\Users\side\AppData\Roaming\nvModes.dat ========== LOP Check ========== [2012.08.19 18:34:51 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\Ahab [2012.08.24 02:01:16 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\Alhuog [2008.03.03 21:51:01 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\cerasus.media [2012.08.08 02:08:40 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\DVDVideoSoft [2012.08.08 
02:07:10 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\DVDVideoSoftIEHelpers [2012.07.31 02:25:58 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\LolClient [2008.01.21 22:13:53 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\Nikon [2012.08.16 01:10:09 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\Template [2012.08.22 19:55:19 | 000,000,000 | ---D | M] -- C:\Users\side\AppData\Roaming\Vyeqro [2012.09.02 14:46:25 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.09.02 20:45:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{917AC808-2C2F-42C5-87A1-CA938C1B7AB6}.job ========== Purity Check ========== < End of report > --- --- --- Extras: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 02.09.2012 20:39:32 - Run 3 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\*\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,17% Memory free 4,23 Gb Paging File | 3,00 Gb Available in Paging File | 70,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 221,31 Gb Total Space | 113,13 Gb Free Space | 51,12% Space Free | Partition Type: NTFS Drive D: | 11,57 Gb Total Space | 2,18 Gb Free Space | 18,85% Space Free | Partition Type: NTFS Computer Name: HPNOTE | User Name: * | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{95024284-9823-49D4-B4B1-7D666CCEC72D}" = lport=2869 | protocol=6 | dir=in | app=system | "{9A8BC985-558C-4E46-AD52-F38848007B17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{3C787F27-03E4-49C0-8C87-1E903EA5DAD6}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{40940FC6-CB2E-4B92-B19D-518CCE21B5B7}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{4970421D-731D-4200-A1A3-75CD9773B61F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{583B4C31-45ED-453C-9A91-67A2D5C9C1DC}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe | "{5D3B0111-6349-49BA-BE1C-F9D977A1B974}" = dir=in | app=c:\program files\hp\quickplay\qp.exe | "{6E654A94-9FCA-4019-AD51-172B475C3564}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{7058F374-CA66-4318-872B-F5CB9181C766}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{72F4B48F-A429-4CC1-AA0F-B7D32FB92BC2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{87CB1480-EEF6-4F4A-9468-0AF6A05F52B3}" = dir=in | 
app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{BA3B35DA-B466-4848-8EF3-C0F7BB71081A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{D1EBE3D7-02B0-4BEB-9626-2D347D249777}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{D5D0661A-1055-4496-9607-0BFC70E33C17}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{D7310273-E9FA-4EDF-9BAC-FA461E9E3705}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{FFED16F2-9C41-4E9C-919F-2353240B948B}" = dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{2AFF09A0-6DC0-42A0-886B-2C297AAB5F35}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{3885A7AF-3C48-4682-92D3-A344F6B045B6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{5770A9C4-1BD5-498C-AF82-8EE090E41136}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "TCP Query User{5984CEA3-BC09-42DB-BC3E-48EFA2E9DC8C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{5F7C490D-06CE-42EC-88ED-3210F3813FE0}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{6E4B7C11-B098-47E8-B44F-F4C3E9FC45BB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{83A9626B-6494-4043-8F24-CD59FC9C3D11}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{945ECAA3-DB6F-4D82-B502-0DD0502C543E}C:\program files\hp\hp software update\hpwucli.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "TCP Query User{97323CB3-EE61-4CBF-A88D-75BED8A19546}C:\program 
files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{9770EB0A-85C2-40DC-ACFD-D2B39C8572C5}C:\program files\zattoo\zattoo2.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo2.exe | "TCP Query User{B68E4756-6314-4DA6-A233-90A1CB19B17C}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query User{BA677619-DEF4-49D8-9997-9CAF42524976}C:\program files\zattoo\zattoo2.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattoo2.exe | "TCP Query User{D911111D-C085-4422-8C90-309CA9F2D332}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{DADF9BB6-1D11-4D9D-AE84-A02D8519FA42}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | "TCP Query User{E572ACE8-6DF3-4597-80EA-04D28AF7497C}C:\program files\hp\hp software update\hpwucli.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "UDP Query User{0B1A2C7C-3BC8-450A-9D64-67C89AAA95F4}C:\program files\hp\hp software update\hpwucli.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "UDP Query User{10975869-3922-43A6-BDE3-62F613AB6B79}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{1967C3A1-EC98-4006-8702-91DEE0C2FC01}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{1AEDCAF4-DD1C-418D-B443-4790D4008BA2}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | "UDP Query User{5E5E758D-5CF4-4D6F-B398-CFF2F8717C1F}C:\program files\hp\hp software update\hpwucli.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "UDP Query User{6123206A-0D11-437A-97B1-66C4B4D6D1A3}C:\program 
files\zattoo\zattoo2.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo2.exe | "UDP Query User{61734479-9BA1-41F8-B7A6-CE9D5F6FAF0C}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{806C4C8E-B8E9-42CB-AADE-35ECDB3E383F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{86FDEB68-B702-4A5E-973A-1DAACC6AA95B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{881323F4-ABC5-4CE6-B8E6-B76A66A39109}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{A9A5B1D5-D807-4AD7-904C-9B1B078766C4}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{B5863E79-7175-4983-8A4F-D98D2341A9DC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{CEE4AB8D-0465-4759-A7FE-9E035943A317}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | "UDP Query User{D9829F51-E862-4C31-986C-81AC135FD5A4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{EF325296-CA50-4663-BB4C-9671C2A5B677}C:\program files\zattoo\zattoo2.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattoo2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET 
Framework 3.5 Language Pack SP1 - deu "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite "{2284D904-C138-4B58-93EC-5C362AB5130A}" = Die Sims™ Lebensgeschichten "{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1 "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D356AA9-2D0C-4373-A762-B42F1A289233}" = MSCU for Microsoft Vista "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = 
Skype™ 3.6 "{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library "{65AA10FF-6F32-48AE-881F-FC96E7BF3A5E}" = ESU for Microsoft Vista "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}" = QuickTime "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4 "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend 
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.0 - Deutsch "{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor "{B35E04CF-3A12-4F91-9981-ECF1915BCE76}" = MA111 Configuration Utility "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant "{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E70C67ED-4592-11D6-85CC-00A0CC603DBA}" = Löwenzahn 6 "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject "Activation Assistant for the 2007 
Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "Armies of Exigo_is1" = Armies of Exigo "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Cogpack" = Cogpack "Deutschlands Brettspiele Deluxe" = Deutschlands Brettspiele Deluxe 1.0 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706 "Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149) "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link "LastFM_is1" = Last.fm 1.5.4.27091 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4 "SMSERIAL" = Motorola SM56 Data Fax Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "Warcraft III" = Warcraft III "WildTangent hp Master Uninstall" = My HP Games ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Warcraft III" = Warcraft III: All Products ========== Last 20 Event Log Errors ========== [ 
Application Events ] Error - 01.09.2012 13:37:01 | Computer Name = hpnote | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 01.09.2012 13:37:03 | Computer Name = hpnote | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 31028833 Error - 01.09.2012 13:37:03 | Computer Name = hpnote | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 31028833 Error - 02.09.2012 04:25:25 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 04:25:25 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 05:58:19 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 05:58:19 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 06:06:33 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 06:06:34 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 02.09.2012 06:07:44 | Computer Name = hpnote | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ System Events ] Error - 02.09.2012 05:55:54 | Computer Name = hpnote | Source = HTTP | ID = 15016 Description = Error - 02.09.2012 05:57:43 | Computer Name = hpnote | Source = Service Control Manager | ID = 7000 Description = Error - 02.09.2012 06:07:36 | Computer Name = hpnote | Source = iaStor | ID = 262153 Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. 
Error - 02.09.2012 07:40:08 | Computer Name = hpnote | Source = DCOM | ID = 10005 Description = Error - 02.09.2012 07:40:08 | Computer Name = hpnote | Source = Service Control Manager | ID = 7009 Description = Error - 02.09.2012 07:40:08 | Computer Name = hpnote | Source = Service Control Manager | ID = 7000 Description = Error - 02.09.2012 08:11:56 | Computer Name = hpnote | Source = HTTP | ID = 15016 Description = Error - 02.09.2012 08:12:41 | Computer Name = hpnote | Source = Service Control Manager | ID = 7000 Description = Error - 02.09.2012 08:47:30 | Computer Name = hpnote | Source = HTTP | ID = 15016 Description = Error - 02.09.2012 08:49:02 | Computer Name = hpnote | Source = Service Control Manager | ID = 7000 Description = < End of report > |