|
Log-Analyse und Auswertung: Mouse-Curser spinnt beim TextschreibenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.12.2012, 13:10 | #1 |
| Mouse-Curser spinnt beim Textschreiben Hallo Trojaner-Board User, ich habe seit einiger Zeit ein seltsames Problem. Beim Schreiben von Texten, sei es in Word, Email, etc., springt mein Cursor während der Texteingabe in eine andere Zeile, genau da wo meine Maus sich befindet (! ich komme nicht ans Touchpad !), sodass Texte oft mühsam geschrieben werden müssen. Seit einem Monat tritt das Problem seltener auf, d.h. etwa einmal je geschriebenen Text (Textlänge wie hier).Vor wenigen Monaten kam das Problem deutlich häufiger vor. Woran liegt das? Ist das ein Virus? Logfiles von Malwarebytes Anti-Malware, OTL und CCleaner habe bereits ich erstellt: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.12.12.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 TheGreatest :: THEGREATEST-PC [Administrator] Schutz: Aktiviert 12.12.2012 11:12:19 mbam-log-2012-12-12 (11-12-19).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 406795 Laufzeit: 2 Stunde(n), 37 Minute(n), 2 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.12.2012 10:38:21 - Run 1 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\TheGreatest\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,72% Memory free 3,98 Gb Paging File | 2,77 Gb Available in Paging File | 69,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,13 Gb Total Space | 25,05 Gb Free Space | 32,06% Space Free | Partition Type: NTFS Drive D: | 151,71 Gb Total Space | 29,80 Gb Free Space | 19,64% Space Free | Partition Type: NTFS Computer Name: THEGREATEST-PC | User Name: TheGreatest | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) PRC - C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.) PRC - C:\Users\TheGreatest\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll () ========== Win32 Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found DRV - (massfilter) -- system32\drivers\massfilter.sys File not found DRV - (ALSysIO) -- C:\Users\THEGRE~1\AppData\Local\Temp\ALSysIO.sys File not found DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) -- C:\Windows\System32\drivers\s217unic.sys (MCCI) DRV - (s217obex) -- C:\Windows\System32\drivers\s217obex.sys (MCCI Corporation) DRV - (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS) -- C:\Windows\System32\drivers\s217nd5.sys (MCCI Corporation) DRV - (s217mdm) -- C:\Windows\System32\drivers\s217mdm.sys (MCCI Corporation) DRV - (s217bus) Sony Ericsson Device 217 driver (WDM) -- C:\Windows\System32\drivers\s217bus.sys (MCCI Corporation) DRV - (s217mdfl) -- C:\Windows\System32\drivers\s217mdfl.sys (MCCI Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 49 5F 2D 7A D5 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 21:11:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 21:11:17 | 000,000,000 | ---D | M] [2010.05.03 22:31:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TheGreatest\AppData\Roaming\mozilla\Extensions [2012.12.11 14:10:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TheGreatest\AppData\Roaming\mozilla\Firefox\Profiles\3vlt6597.default\extensions [2010.10.16 15:41:40 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\TheGreatest\AppData\Roaming\mozilla\Firefox\Profiles\3vlt6597.default\extensions\firefox@tvunetworks.com [2011.03.04 13:01:39 | 000,001,359 | ---- | M] () -- C:\Users\TheGreatest\AppData\Roaming\Mozilla\Firefox\Profiles\3vlt6597.default\searchplugins\ubw-katalogsuche.xml [2012.12.06 21:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.06 21:11:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.12.06 21:11:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.12.06 21:11:21 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.01.12 21:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll O1 HOSTS File: ([2011.01.04 14:38:00 | 000,428,463 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14749 more lines... O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\TheGreatest\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\TheGreatest\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63F60E7C-3A0B-4CA7-A190-0486C20A25F0}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CAA57537-5C06-4EFE-BFD2-B204D0CA0241}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1c8abd36-1309-11e2-8529-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1c8abd36-1309-11e2-8529-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.12.06 21:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.12.05 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\TheGreatest\Desktop\christliches [2012.11.27 22:10:23 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012.11.27 22:10:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2012.11.27 22:10:03 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012.11.27 22:10:03 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012.11.27 22:10:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012.11.27 21:11:08 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2012.11.27 21:11:08 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2012.11.27 21:11:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2012.11.27 21:11:01 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2012.11.27 21:10:57 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.11.27 21:10:53 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll [2012.11.27 21:10:53 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [1 C:\Users\TheGreatest\Desktop\*.tmp files -> C:\Users\TheGreatest\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.12.13 10:43:18 | 000,016,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.13 10:43:18 | 000,016,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.13 10:35:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.13 10:35:31 | 1602,781,184 | -HS- | M] () -- C:\hiberfil.sys [2012.12.07 20:01:30 | 000,169,611 | ---- | M] () -- C:\Users\TheGreatest\Desktop\DSC_13190001-1-.JPG [2012.12.06 11:11:30 | 000,098,808 | ---- | M] () -- C:\Users\TheGreatest\Desktop\hintergrund-strand-palmen.jpg [2012.12.05 12:55:33 | 000,006,656 | ---- | M] () -- C:\Users\TheGreatest\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.11.28 16:06:44 | 000,412,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.11.27 22:15:21 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.27 22:15:21 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.27 22:15:21 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.27 22:15:21 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [1 C:\Users\TheGreatest\Desktop\*.tmp files -> C:\Users\TheGreatest\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.12.06 11:11:21 | 000,098,808 | ---- | C] () -- C:\Users\TheGreatest\Desktop\hintergrund-strand-palmen.jpg [2012.11.27 22:10:25 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.27 22:10:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.09.20 20:28:38 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll [2012.08.27 11:40:05 | 000,000,040 | ---- | C] () -- C:\Users\TheGreatest\AppData\Roaming\cdr.ini [2011.12.16 16:57:38 | 000,240,119 | ---- | C] () -- C:\Windows\hpwins28.dat.temp [2011.12.16 16:57:38 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp [2011.12.10 13:44:29 | 000,241,123 | ---- | C] () -- C:\Windows\hpwins28.dat [2011.06.24 13:30:51 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.05.27 14:13:44 | 000,000,070 | ---- | C] () -- C:\Windows\wiso.ini [2011.02.28 18:10:44 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.04 14:33:15 | 000,000,092 | ---- | C] () -- C:\Windows\wininit.ini [2010.12.18 00:51:21 | 000,074,224 | ---- | C] () -- C:\Windows\hpqins16.dat.temp [2010.12.18 00:45:06 | 000,073,867 | ---- | C] () -- C:\Windows\hpqins16.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:7631EA83 < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.12.2012 10:38:21 - Run 1 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\TheGreatest\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,72% Memory free 3,98 Gb Paging File | 2,77 Gb Available in Paging File | 69,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,13 Gb Total Space | 25,05 Gb Free Space | 32,06% Space Free | Partition Type: NTFS Drive D: | 151,71 Gb Total Space | 29,80 Gb Free Space | 19,64% Space Free | Partition Type: NTFS Computer Name: THEGREATEST-PC | User Name: TheGreatest | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{151ADC6B-3973-4659-9D32-92B9617DC7B9}" = rport=138 | protocol=17 | dir=out | app=system | "{173158F9-F842-4C3A-A07F-58C4FF4DEB4F}" = lport=2869 | protocol=6 | dir=in | app=system | "{18782E71-22E9-46C6-A7C7-6422395FFF4E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1BE4F1DF-741F-40ED-B59A-A3C96A5DEE19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{20DD4CE5-BAE8-4666-86D3-A4D628C26D9A}" = rport=10243 | protocol=6 | dir=out | app=system | "{238E088F-C5B4-4AAB-B46F-40F93A38C36E}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{2757DBE0-BF18-4C1B-8299-6E739769E79A}" = lport=139 | protocol=6 | dir=in | app=system | "{2D9AC766-C3E3-4A84-B7CC-49A6834B6DEB}" = lport=445 | protocol=6 | dir=in | app=system | "{5FEDF936-0C7C-4004-839B-CAA130FE8C69}" = lport=10243 | protocol=6 | dir=in | app=system | "{6CDAF117-2056-4E1B-891C-82D7048F8A47}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{779A353E-74C6-4E80-B796-184C4E1B239F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7B6162C5-44A8-48D0-B373-62F3279B8310}" = rport=445 | protocol=6 | dir=out | app=system | "{8028A0C2-0228-452C-9206-87C985783EE1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{804A8E7F-278C-4D24-AA71-818D6F8F6815}" = lport=137 | protocol=17 | dir=in | app=system | "{81AFC714-FC42-4D06-BE0F-D4C31854A96A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{84A7C8E8-A990-4961-A398-7831B05294A0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{9110FC12-2ACE-464F-A00C-FF2EB42F9238}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A186BDD0-1955-41F4-A3E6-ABD0C1726B1C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{AA9071BE-E4E8-4276-AC15-1FF8095BB1F7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C292D6EC-C3B3-4105-B805-2F11A4FD7DEF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CD9CA227-A7FF-4F91-B459-70E4984AFA6B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CE73C75A-4FA0-46B3-9FB2-E75A8214DBD1}" = rport=137 | protocol=17 | dir=out | app=system | "{DB3F0DBE-EA77-4DC1-AA5D-6CBAB9586D38}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DC584D67-E2C6-4900-8B95-4CFAB5EC3D5E}" = lport=138 | protocol=17 | dir=in | app=system | "{FF1D4E0B-A38A-44EA-A2DC-DE20D763031D}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08441E39-BFDB-45B6-A515-5C337531A5DB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1A6B6D46-4C5A-4D11-9998-9A50F00F9465}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1B091F9A-9451-4417-9B7F-F2F0A973C6F8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{237B7067-5E77-4CF5-8667-4CD9DA37F854}" = protocol=6 | dir=out | app=system | "{2B90C045-9F88-4539-85BE-9EB5FFA93115}" = protocol=17 | dir=in | app=c:\users\thegreatest\appdata\roaming\dropbox\bin\dropbox.exe | "{351B168A-0583-4811-8562-6B8A0733C094}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{3A1FD748-1F8C-48A3-B324-50CC7657F1E7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{3C8BBD58-10C0-4510-9086-0EE09210FB43}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{49F0CB1C-0294-4A88-88FE-FA0389983F53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{66C8E163-9FCB-4D70-91C3-4C087B74DEBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7678AEB8-6FF4-47EC-A080-2B786542A8B2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{780DB3FC-3B9A-47A2-A8FC-FD2A4097264E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{89735D82-83D8-4999-952B-E1620282658C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9B8D672C-E2DC-414D-9E9B-82F771601BE0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9C4A68D0-B60B-4D1E-9240-04184AE07A9E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9CFC13D0-38F9-42D4-8338-7507D9AF40F0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A1726D5B-B880-4A11-AB4E-49C369A71C25}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A28514EF-DC8F-49CC-A083-BE87EAB178FC}" = protocol=6 | dir=in | app=c:\users\thegreatest\appdata\roaming\dropbox\bin\dropbox.exe | "{A847D2E4-D938-4D7A-8B8F-CC5644336948}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{AE50809D-3BBC-40D5-BC94-FC3C8B415EED}" = dir=in | app=e:\setup\hpznui01.exe | "{B7C6CD87-14A5-43AF-8BC3-9E231FC08F47}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | "{BB771F1F-1BE5-4CC7-B7E2-00200FBF5FB5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C2EFBCD0-B375-4160-812D-361F53B5F9B8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CBAA9719-AD10-4BE2-8860-00CE1FE3D790}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{CFB163A2-ABE2-4E38-A2A6-C92B5BEFAD3D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D34D47B9-55AF-46AB-AEF2-06B7F494BE78}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D53539B6-DE3E-4B9F-8FBB-C21ED2400F6B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{D5370157-85F5-4C4B-9DD6-E4C13DBE3784}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{D8C283B6-6369-47AB-8F3A-098DDBD1F85B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{DC764701-7EC7-4C64-B1D2-0308BF8CF62F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{DDC2E1A5-86F3-4638-8E25-42FA4B67F750}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{E59A9C90-2818-44F2-82F3-D50F55A14F93}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{EC58EDB1-CB9B-4A00-B192-A5B2F627AF32}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{ECEB1578-F521-4B7E-8DDA-BA42866475D9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{F0AE220C-2ED0-402F-A62C-F1C002EAFCCF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FEFFBC9E-F670-4E64-97FE-5BA6BEF6B83D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "TCP Query User{031DEA86-32E5-4DBA-B5FB-E59EA7F50DD7}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{34148CB8-FE93-4049-8C93-1558AC32D610}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{4F5CB025-FB3A-4817-8C7B-E4E4F3B91F8B}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{6D2EEB5B-EC75-4810-9A6E-7CC5AA111AA2}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{A77A3D5B-47B6-4034-911E-46D29CFA1D69}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{B8DA42BB-667A-4A5D-AF95-17578D301F87}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{CFF256E0-1021-4416-8D46-9C9E6DCAB846}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{EAD33E83-7FBA-45EE-98E0-A7D58F8892FA}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{0FA66B14-6348-4DFB-B6B9-0D1D0F75BB9C}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | "UDP Query User{19CEB912-EF57-4480-AE28-AC1B962E56CA}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{378256BB-D79E-4013-861B-9D3E78DB1E55}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{540B9EA9-25F0-423E-8A09-441223197ACB}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "UDP Query User{581D2CE8-90C3-4513-97E6-E6686E119AA6}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "UDP Query User{A3769580-8D83-492A-94BE-4579208A8125}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{C31A21C4-BAF0-4CC3-BA03-AFE3D039818E}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{E491CB5B-C6EA-4420-84C3-717065359200}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11 "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 37 "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite DCP-7030 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02 "{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7240A69A-AC53-46A1-9039-1281DDBBE452}" = Cisco AnyConnect VPN Client "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.4.3 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax "{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D5842AC3-59C7-4DDD-BB33-54FE544DB3DA}" = Komponenten der Betriebssystemkommunikation "{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8 Ultra Edition HD "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}" = WISO Bewerbung 2008 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15 "AudibleManager" = AudibleManager "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CCleaner" = CCleaner "Digital Editions" = Adobe Digital Editions "DivX Setup.divx.com" = DivX-Setup "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free CD to MP3 Converter" = Free CD to MP3 Converter "Free YouTube Download_is1" = Free YouTube Download 2.9 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper "SopCast" = SopCast 3.2.9 "Stellar Phoenix Photo Recovery_is1" = Stellar Phoenix Photo Recovery "TVWiz" = Intel(R) TV Wizard "VLC media player" = VLC media player 1.0.5 "Winamp" = Winamp "WinRAR archiver" = WinRAR "Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 9 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Winamp Detect" = Winamp Anwendungserkennung ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 06.12.2012 05:37:41 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 9000 Description = Error - 06.12.2012 05:37:41 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 7040 Description = Error - 06.12.2012 05:37:41 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 7042 Description = Error - 06.12.2012 05:37:41 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 9002 Description = Error - 06.12.2012 05:37:42 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 3029 Description = Error - 06.12.2012 05:37:42 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 3029 Description = Error - 06.12.2012 05:37:42 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 3028 Description = Error - 06.12.2012 05:37:42 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 3058 Description = Error - 06.12.2012 05:37:42 | Computer Name = TheGreatest-PC | Source = Windows Search Service | ID = 7010 Description = Error - 10.12.2012 18:29:45 | Computer Name = TheGreatest-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 17.0.1.4715, Zeitstempel: 0x50b71a4b Name des fehlerhaften Moduls: xul.dll, Version: 17.0.1.4715, Zeitstempel: 0x50b7198b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00144ed8 ID des fehlerhaften Prozesses: 0x320 Startzeit der fehlerhaften Anwendung: 0x01cdd6b98203f5ba Pfad der fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files\Mozilla Firefox\xul.dll Berichtskennung: 18db2f4c-4319-11e2-8567-00219bd74b14 [ Cisco AnyConnect VPN Client Events ] Error - 08.12.2012 10:09:00 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 08.12.2012 15:27:27 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 09.12.2012 07:51:31 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 09.12.2012 12:14:32 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67110873 Description = Termination reason code 9: Client PC is shutting down. Error - 09.12.2012 14:37:45 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 10.12.2012 05:29:25 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 11.12.2012 09:01:37 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 11.12.2012 16:00:38 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 12.12.2012 05:44:56 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory Error - 13.12.2012 05:35:42 | Computer Name = TheGreatest-PC | Source = vpnagent | ID = 67108866 Description = Function: fileExists File: .\Utility\sysutils.cpp Line: 500 Invoked Function: _tstat Return Code: 2 (0x00000002) Description: Das System kann die angegebene Datei nicht finden. File: C:\ProgramData\Cisco\Cisco AnyConnect VPN Client\InitialFirewallConfig.wfw Error: No such file or directory [ OSession Events ] Error - 24.05.2010 17:34:29 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 38618 seconds with 12420 seconds of active time. This session ended with a crash. Error - 20.06.2010 19:37:24 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2912 seconds with 360 seconds of active time. This session ended with a crash. Error - 13.10.2011 15:08:23 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 24538 seconds with 19740 seconds of active time. This session ended with a crash. Error - 13.10.2011 15:18:52 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 586 seconds with 540 seconds of active time. This session ended with a crash. Error - 15.10.2011 06:44:26 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7274 seconds with 5940 seconds of active time. This session ended with a crash. Error - 15.10.2011 16:00:16 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 33339 seconds with 5580 seconds of active time. This session ended with a crash. Error - 16.10.2011 07:01:15 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4065 seconds with 2160 seconds of active time. This session ended with a crash. Error - 16.10.2011 08:20:32 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3995 seconds with 2520 seconds of active time. This session ended with a crash. Error - 16.10.2011 19:13:23 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5870 seconds with 3840 seconds of active time. This session ended with a crash. Error - 16.10.2011 19:14:54 | Computer Name = TheGreatest-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 05.12.2012 06:28:27 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error - 05.12.2012 06:28:57 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error - 05.12.2012 06:29:27 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst RasMan erreicht. Error - 05.12.2012 06:30:03 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error - 05.12.2012 06:30:53 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht. Error - 05.12.2012 06:31:23 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Error - 05.12.2012 06:32:16 | Computer Name = TheGreatest-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?05.?12.?2012 um 11:12:06 unerwartet heruntergefahren. Error - 06.12.2012 05:37:43 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error - 06.12.2012 05:37:43 | Computer Name = TheGreatest-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error - 06.12.2012 11:03:35 | Computer Name = TheGreatest-PC | Source = DCOM | ID = 10010 Description = < End of report > Code:
ATTFilter Adobe Digital Editions 13.06.2012 Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 13.06.2012 10.0.45.2 Adobe Flash Player 11 Plugin Adobe Systems Incorporated 20.06.2012 6,00MB 11.3.300.262 Adobe Reader X (10.1.1) - Deutsch Adobe Systems Incorporated 14.09.2011 119,2MB 10.1.1 Amazon MP3-Downloader 1.0.15 Amazon Services LLC 26.08.2012 1.0.15 AudibleManager Audible, Inc. 26.08.2012 2000771696.48.56.28577138 Avira AntiVir Personal - Free Antivirus Avira GmbH 29.10.2012 61,8MB 10.2.0.719 Brother MFL-Pro Suite DCP-7030 Brother Industries, Ltd. 28.05.2010 1.0.1.0 CCleaner Piriform 13.06.2012 3.17 Cisco AnyConnect VPN Client Cisco Systems, Inc. 01.01.2012 4,68MB 2.5.3055 ContentSAFER for Wizmax 02.05.2010 Dell Touchpad Alps Electric 13.06.2012 7.1.103.4 DivX-Setup DivX, Inc. 13.06.2012 1.0.2.23 Dropbox 02.10.2010 0.7.110 Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 06.09.2010 8,09MB Free CD to MP3 Converter 26.08.2012 Free YouTube Download 2.9 DVDVideoSoft Limited. 29.11.2010 25,5MB Free YouTube to MP3 Converter version 3.8 DVDVideoSoft Limited. 06.09.2010 32,1MB HP Imaging Device Functions 13.0 HP 13.06.2012 13.0 HP Officejet 4500 G510n-z HP 13.06.2012 13.0 Intel(R) Graphics Media Accelerator Driver Intel Corporation 13.06.2012 54,3MB 8.15.10.1930 Intel(R) TV Wizard Intel Corporation 13.06.2012 Japanese Fonts Support For Adobe Reader 9 Adobe Systems Incorporated 29.03.2011 16,5MB 9.0.0 Java(TM) 6 Update 37 Oracle 13.06.2012 95,7MB 6.0.370 Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 10.04.2012 18,0MB 1.61.0.1400 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 13.06.2012 38,8MB 4.0.30319 Microsoft Office Enterprise 2007 Microsoft Corporation 13.06.2012 12.0.4518.1014 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 28.05.2010 2,70MB 8.0.59193 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 17.12.2010 1,42MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 02.05.2010 0,58MB 9.0.30729.4148 Mozilla Firefox 17.0.1 (x86 de) Mozilla 06.12.2012 41,7MB 17.0.1 Mozilla Maintenance Service Mozilla 06.12.2012 0,32MB 17.0.1 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 14.05.2010 35,00KB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 14.05.2010 1,33MB 4.20.9876.0 Nero 8 Ultra Edition HD Nero AG 12.05.2010 1.757MB 8.3.312 OCR Software by I.R.I.S. 13.0 HP 13.06.2012 13.0 PaperPort Image Printer Nuance Communications, Inc. 28.05.2010 0,51MB 1.00.0000 PC Inspector smart recovery 19.09.2012 4.50 PDF24 Creator 4.4.3 PDF24.org 03.05.2012 33,8MB ResearchSoft Direct Export Helper 13.06.2012 RICOH R5U8xx Media Driver ver.3.62.02 RICOH 11.07.2010 3.62.02 ScanSoft PaperPort 11 Nuance Communications, Inc. 28.05.2010 147,1MB 11.2.0000 Skype™ 5.1 Skype Technologies S.A. 27.02.2011 22,7MB 5.1.112 SopCast 3.2.9 www.sopcast.com 13.06.2012 3.2.9 Stellar Phoenix Photo Recovery Stellar Information Systems Ltd 23.09.2012 10,4MB 4.0.0.0 SUPERAntiSpyware SUPERAntiSpyware.com 13.06.2012 121,5MB 5.1.1002 VLC media player 1.0.5 VideoLAN Team 13.06.2012 1.0.5 Winamp Nullsoft, Inc 13.06.2012 5.572 Winamp Anwendungserkennung Nullsoft, Inc 02.05.2010 0,12MB 1.0.0.1 Windows Media Player Firefox Plugin Microsoft Corp 23.06.2010 0,29MB 1.0.0.8 WinRAR 13.06.2012 WISO Bewerbung 2008 Buhl Data Service GmbH 26.05.2011 19,5MB 6.1.0.56 Zero Assumption Recovery Version 9 23.09.2012 5,48MB Vielen Danke schon mal, Gruß Roberto |
14.12.2012, 14:09 | #2 |
| Mouse-Curser spinnt beim Textschreiben Hallo,
__________________kann jemand mir helfen, wo liegt das Problem? Bin über jede Hilfe, Kommentar dankbar. Liebe Grüße Roberto |
19.12.2012, 11:19 | #3 |
/// Helfer-Team | Mouse-Curser spinnt beim Textschreiben1. Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ |
21.12.2012, 10:53 | #4 |
| Mouse-Curser spinnt beim Textschreiben Danke für die Hilfe t´john ich habe beides gemacht. Logfile AdwCleaner Code:
ATTFilter # AdwCleaner v2.101 - Datei am 21/12/2012 um 10:09:42 erstellt # Aktualisiert am 16/12/2012 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits) # Benutzer : TheGreatest - THEGREATEST-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\TheGreatest\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gelöscht : C:\Users\TheGreatest\AppData\Roaming\Mozilla\Firefox\Profiles\3vlt6597.default\Conduit ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater ***** [Internet Browser] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v17.0.1 (de) Profilname : default Datei : C:\Users\TheGreatest\AppData\Roaming\Mozilla\Firefox\Profiles\3vlt6597.default\prefs.js Gelöscht : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Gelöscht : user_pref("CT2269050.CTID", "CT2269050"); Gelöscht : user_pref("CT2269050.CurrentServerDate", "18-7-2010"); Gelöscht : user_pref("CT2269050.DialogsAlignMode", "LTR"); Gelöscht : user_pref("CT2269050.DownloadReferralCookieData", ""); Gelöscht : user_pref("CT2269050.EMailNotifierPollDate", "Sun Jul 18 2010 16:32:16 GMT+0200"); Gelöscht : user_pref("CT2269050.FirstServerDate", "18-7-2010"); Gelöscht : user_pref("CT2269050.FirstTime", true); Gelöscht : user_pref("CT2269050.FirstTimeFF3", true); Gelöscht : user_pref("CT2269050.FirstTimeSettingsDone", true); Gelöscht : user_pref("CT2269050.FixPageNotFoundErrors", true); Gelöscht : user_pref("CT2269050.GroupingServerCheckInterval", 1440); Gelöscht : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Gelöscht : user_pref("CT2269050.Initialize", true); Gelöscht : user_pref("CT2269050.InitializeCommonPrefs", true); Gelöscht : user_pref("CT2269050.InstallationAndCookieDataSentCount", 1); Gelöscht : user_pref("CT2269050.InstallationType", "UnknownIntegration"); Gelöscht : user_pref("CT2269050.InstalledDate", "Sun Jul 18 2010 16:32:16 GMT+0200"); Gelöscht : user_pref("CT2269050.InvalidateCache", false); Gelöscht : user_pref("CT2269050.IsGrouping", false); Gelöscht : user_pref("CT2269050.IsMulticommunity", false); Gelöscht : user_pref("CT2269050.IsOpenThankYouPage", false); Gelöscht : user_pref("CT2269050.IsOpenUninstallPage", false); Gelöscht : user_pref("CT2269050.LanguagePackLastCheckTime", "Sun Jul 18 2010 16:32:18 GMT+0200"); Gelöscht : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); Gelöscht : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Gelöscht : user_pref("CT2269050.LastLogin_2.7.0.14", "Sun Jul 18 2010 16:32:17 GMT+0200"); Gelöscht : user_pref("CT2269050.LatestVersion", "2.1.0.18"); Gelöscht : user_pref("CT2269050.Locale", "en"); Gelöscht : user_pref("CT2269050.LoginCache", 4); Gelöscht : user_pref("CT2269050.MCDetectTooltipHeight", "83"); Gelöscht : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Gelöscht : user_pref("CT2269050.MCDetectTooltipWidth", "295"); Gelöscht : user_pref("CT2269050.RadioIsPodcast", false); Gelöscht : user_pref("CT2269050.RadioLastCheckTime", "Sun Jul 18 2010 16:32:18 GMT+0200"); Gelöscht : user_pref("CT2269050.RadioLastUpdateIPServer", "3"); Gelöscht : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000"); Gelöscht : user_pref("CT2269050.RadioMediaID", "12473383"); Gelöscht : user_pref("CT2269050.RadioMediaType", "Media Player"); Gelöscht : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); Gelöscht : user_pref("CT2269050.RadioStationName", "Hotmix%20108"); Gelöscht : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082"); Gelöscht : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Gelöscht : user_pref("CT2269050.SearchFromAddressBarIsInit", true); Gelöscht : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...] Gelöscht : user_pref("CT2269050.SearchInNewTabEnabled", true); Gelöscht : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); Gelöscht : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sun Jul 18 2010 16:32:18 GMT+0200"); Gelöscht : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Gelöscht : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Gelöscht : user_pref("CT2269050.SettingsCheckIntervalMin", 120); Gelöscht : user_pref("CT2269050.SettingsLastCheckTime", "Sun Jul 18 2010 16:32:16 GMT+0200"); Gelöscht : user_pref("CT2269050.SettingsLastUpdate", "1277823092"); Gelöscht : user_pref("CT2269050.ThirdPartyComponentsInterval", 504); Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sun Jul 18 2010 16:32:16 GMT+0200"); Gelöscht : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1277823092"); Gelöscht : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Gelöscht : user_pref("CT2269050.Uninstall", true); Gelöscht : user_pref("CT2269050.UserID", "UN92707748622685871"); Gelöscht : user_pref("CT2269050.WeatherNetwork", ""); Gelöscht : user_pref("CT2269050.WeatherPollDate", "Sun Jul 18 2010 16:32:17 GMT+0200"); Gelöscht : user_pref("CT2269050.WeatherUnit", "C"); Gelöscht : user_pref("CT2269050.alertChannelId", "666138"); Gelöscht : user_pref("CT2269050.clientLogIsEnabled", false); Gelöscht : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Gelöscht : user_pref("CT2269050.myStuffEnabled", true); Gelöscht : user_pref("CT2269050.myStuffPublihserMinWidth", 400); Gelöscht : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Gelöscht : user_pref("CT2269050.myStuffServiceIntervalMM", 1440); Gelöscht : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Gelöscht : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2269050"); Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050"); Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60); Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jul 18 2010 16:32:17 GMT+0200"); Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true); Gelöscht : user_pref("CommunityToolbar.alert.locale", "en"); Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jul 18 2010 16:32:16 GMT+0200"); Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1276093853"); Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false); Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Gelöscht : user_pref("CommunityToolbar.alert.userId", "{0d37637f-1ea7-4095-a155-7c5c0271d07e}"); Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Jul 18 2010 16:32:17 GMT+0200"); Gelöscht : user_pref("vshare.install.date", "1285804800000"); Gelöscht : user_pref("vshare.install.finished", "1.0.0"); Gelöscht : user_pref("vshare.install.guid", "{3b77370a-4d88-42be-826a-45daa266bfbf}"); Gelöscht : user_pref("vshare.install.isDisabled", true); Gelöscht : user_pref("vshare.install.isHidden", true); Gelöscht : user_pref("vshare.install.istoolbarhp", true); Gelöscht : user_pref("vshare.install.istoolbarsearch", true); Gelöscht : user_pref("vshare.install.laststatreq", "1290470400000"); Gelöscht : user_pref("vshare.install.newtab", false); ************************* AdwCleaner[S1].txt - [8729 octets] - [21/12/2012 10:09:42] ########## EOF - C:\AdwCleaner[S1].txt - [8789 octets] ########## Logfile mbar Code:
ATTFilter Malwarebytes Anti-Rootkit 1.01.0.1011 www.malwarebytes.org Database version: v2012.12.21.08 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 TheGreatest :: THEGREATEST-PC [administrator] 21.12.2012 10:38:45 mbar-log-2012-12-21 (10-38-45).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 26466 Time elapsed: 17 minute(s), 23 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Roberto |
22.12.2012, 14:14 | #5 |
/// Helfer-Team | Mouse-Curser spinnt beim Textschreiben Ist das ein Laptop? Ist eine Maus angeschlossen? Was passiert, wenn du das Touchpad abschaltest? |
02.03.2013, 11:09 | #6 |
/// Helfer-Team | Mouse-Curser spinnt beim Textschreiben Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________ --> Mouse-Curser spinnt beim Textschreiben |
07.03.2013, 11:02 | #7 |
| Mouse-Curser spinnt beim Textschreiben Hallo t-john, ja ich habe eine Laptop und festgestellt, dass mein Mouspad abgeschalten war. Nachdem ich es angeschalten habe, ist mein Fehler mit dem Springen der Maus verschwunden. Vielen Dank für deine Hilfe. Seitdem läuft alles ohne Probleme Nochmals Danke! Roberto |
Themen zu Mouse-Curser spinnt beim Textschreiben |
32 bit, antivir, autorun, avira, bho, converter, cursor, defender, email, error, firefox, flash player, format, helper, install.exe, maus, mozilla, officejet, plug-in, registry, rundll, scan, security, senden, software, superantispyware, svchost.exe, taskhost.exe, trojaner-board, udp, virus, wlansvc |