| Digital Protection Virus trotz Malwarebytes' Anti-Malware Alles klar, gesagt, getan!
Extras.txt Zitat:
OTL Extras logfile created on: 01.05.2010 20:45:43 - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 395,43 Gb Free Space | 84,90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Office2003\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\Programme\Office2003\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VLC Player\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VLC Player\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNetisabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNetisabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNetisabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNetisabled:@xpsp2res.dll,-22002
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 ========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\QIP Infium\qip.exe" = C:\Programme\QIP Infium\qip.exe:*:Enabled:Quiet Internet Pager -- File not found
"C:\Programme\QIP 2005 (8092)\qip.exe" = C:\Programme\QIP 2005 (8092)\qip.exe:*:Enabled:Quiet Internet Pager -- File not found
"C:\Programme\Resolume VJ 2.41\resolume.exe" = C:\Programme\Resolume VJ 2.41\resolume.exe:*:Enabled:Resolume 2.41 -- (Resolume V.O.F)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\DNA\btdna.exe" = C:\Programme\DNA\btdna.exe:*:EnabledNA -- (BitTorrent, Inc.)
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Programme\Firefox\firefox.exe" = C:\Programme\Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\CryptLoad_1.1.6\CryptLoad.exe" = C:\Programme\CryptLoad_1.1.6\CryptLoad.exe:*:Enabled:CryptLoad -- (hxxp://cryptload.info)
"C:\Programme\CryptLoad_1.1.6\RouterClient.exe" = C:\Programme\CryptLoad_1.1.6\RouterClient.exe:*:Enabled:RouterClient -- (hxxp://cryptload.info)
"C:\Programme\Vidomi (AVI Komprimierer)\slave.exe" = C:\Programme\Vidomi (AVI Komprimierer)\slave.exe:*:Enabled:slave -- File not found
"C:\Programme\QIP 2005 (8095)\qip.exe" = C:\Programme\QIP 2005 (8095)\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP) ========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3215EBED-1D06-42fb-A05C-A752A46FB24C}" = Canon MP530
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HydraVision
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C5C649A8-1D21-4C83-9B08-7B3752E580F4}" = Safari
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.1.0 Professional
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"Digital Protection" = Digital Protection
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FileZilla" = FileZilla (remove only)
"FinePrint" = FinePrint
"HijackThis" = HijackThis 2.0.2
"Kalenderchen_is1" = Kalenderchen 4
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator 2.2" = Canon MP Navigator 2.2
"MSN BackUp" = MSN BackUp 1.3.2
"NVIDIA Drivers" = NVIDIA Drivers
"PhotomatixPro3_is1" = Photomatix Pro version 3.0.3RC2
"PhotoScape" = PhotoScape
"Resolume 2.41_is1" = Resolume 2.41
"Streamripper" = Streamripper (Remove only)
"SUPER ©" = SUPER © Version 2009.bld.35 (Jan 5, 2009)
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.1 ========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA ========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07.03.2010 08:22:18 | Computer Name = ***| Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BA von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 07.03.2010 08:22:18 | Computer Name = ***| Source = VSS | ID = 8193
Description = Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance"
ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.
Error - 12.03.2010 11:29:38 | Computer Name = ***| Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 12.03.2010 11:29:38 | Computer Name = ***| Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 04.04.2010 08:43:50 | Computer Name = ***| Source = MsiInstaller | ID = 11721
Description = Produkt: Apple Software Update -- Fehler 1721. Es liegt ein dieses
Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der Installation
erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an das
Supportpersonal oder den Hersteller des Pakets. Aktion: SoftwareUpdate_UnregServer,
Pfad: C:\Programme\Apple Software Update\SoftwareUpdate.exe, Befehl: /UnregServer
Error - 06.04.2010 10:29:19 | Computer Name = ***| Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung svchost.exe, Version 5.1.2600.5512, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x00010a19.
Error - 08.04.2010 03:48:59 | Computer Name = ***| Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.04.2010 04:19:32 | Computer Name = ***| Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 21.04.2010 16:56:45 | Computer Name = ***| Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung EXCEL.EXE, Version 11.0.8320.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.05.2010 05:44:05 | Computer Name = ***| Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 01.05.2010 05:37:58 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 01.05.2010 06:32:58 | Computer Name = ***| Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
Error - 01.05.2010 06:33:02 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 01.05.2010 06:33:10 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 01.05.2010 06:34:25 | Computer Name = ***| Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Fips i8042prt Processor sptd
Error - 01.05.2010 07:39:06 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 01.05.2010 07:40:30 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 01.05.2010 07:45:49 | Computer Name = ***| Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 01.05.2010 10:25:46 | Computer Name = ***| Source = MRxSmb | ID = 8003
Description = Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "THORSTEN",
der
der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{389ECF49-8AD4-441B--Transport
zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error - 01.05.2010 14:17:24 | Computer Name = ***| Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
| OTL.txt Zitat:
OTL logfile created on: 01.05.2010 20:45:42 - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,76 Gb Total Space | 395,43 Gb Free Space | 84,90% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal ========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\***\Eigene Dateien\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\***\Desktop\+Backup\+Programme\CryptLoad.exe (hxxp://cryptload.info)
PRC - C:\Programme\Digital Protection\digprot.exe ()
PRC - C:\Programme\Java\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\QIP 2005 (8095)\qip.exe (The Author of QIP)
PRC - C:\Programme\VPN Client Win XP\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Outlook Express\msimn.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\***\Eigene Dateien\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ==========
SRV - (JavaQuickStarterService) -- C:\Programme\Java\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (CVPND) -- C:\Programme\VPN Client Win XP\cvpnd.exe (Cisco Systems, Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ==========
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs, LLC)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (nvatabus) -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys (NVIDIA Corporation)
DRV - (nvraid) NVIDIA nForce(tm) -- C:\WINDOWS\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (SiFilter) -- C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (Si3132r5) -- C:\WINDOWS\system32\DRIVERS\Si3132r5.sys (Silicon Image, Inc)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {52b953ce-34d5-4a87-94c7-90008d5de851}:2.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - HKLM\software\mozilla\Firefox\extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Programme\Google\Google Gears\Firefox\ [2010.03.06 02:39:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programme\Java\lib\deploy\jqs\ff [2009.04.04 22:24:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Firefox\components [2010.04.24 01:56:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Firefox\plugins [2010.04.15 20:39:32 | 000,000,000 | ---D | M]
[2009.03.16 02:11:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2010.04.29 22:57:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\019wmn58.default\extensions
[2010.01.26 02:45:41 | 000,000,000 | ---D | M] (Guxxmail [de]) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\019wmn58.default\extensions\{52b953ce-34d5-4a87-94c7-90008d5de851}
[2010.04.14 00:05:16 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\019wmn58.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
O1 HOSTS File: ([2009.03.20 02:26:10 | 000,000,851 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DMS-Kalenderchen] C:\Programme\Kalenderchen\Kalenderchen.exe (Daniel Manger Software)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (rootkit-scan)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\Magix Video\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe ()
O4 - HKCU..\Run: [asrkn_pfu.exe] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\asrkn_pfu.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Programme\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Digital Protection] C:\Programme\Digital Protection\digprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Frontpage 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.15 22:09:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0e5ed375-d748-11de-8710-0015f2aa9056}\Shell - "" = AutoRun
O33 - MountPoints2\{0e5ed375-d748-11de-8710-0015f2aa9056}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0e5ed375-d748-11de-8710-0015f2aa9056}\Shell\AutoRun\command - "" = F:\laucher.exe -- File not found
O33 - MountPoints2\{a14a4e5c-2dec-11df-87ba-0015f2aa9056}\Shell - "" = AutoRun
O33 - MountPoints2\{a14a4e5c-2dec-11df-87ba-0015f2aa9056}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a14a4e5c-2dec-11df-87ba-0015f2aa9056}\Shell\AutoRun\command - "" = F:\sources\sperr32.exe -- [2009.07.15 21:39:51 | 000,123,472 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ==========
[2010.05.01 20:44:58 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\OTL.exe
[2010.05.01 20:08:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\FinePrint files
[2010.05.01 19:56:03 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Nero
[2010.05.01 19:30:58 | 000,000,000 | ---D | C] -- C:\Programme\MSN BackUp
[2010.05.01 18:54:14 | 000,000,000 | ---D | C] -- C:\Programme\MozBackup
[2010.05.01 17:16:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\+Backup
[2010.05.01 15:14:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\PC Tools
[2010.05.01 15:14:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.05.01 15:12:10 | 000,000,000 | ---D | C] -- C:\Programme\Digital Protection
[2010.05.01 12:26:50 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.05.01 12:26:50 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.01 05:46:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2010.05.01 05:38:14 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.05.01 05:27:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.05.01 05:03:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2010.05.01 05:03:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.01 05:03:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.01 05:03:34 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.01 05:03:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.04.15 20:39:32 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.15 20:39:32 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.15 20:39:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.15 20:39:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.08 10:30:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.04.08 10:30:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ==========
[2010.05.01 20:48:16 | 000,966,250 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.01 20:48:16 | 000,415,800 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.05.01 20:48:16 | 000,401,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.01 20:48:16 | 000,075,194 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.05.01 20:48:16 | 000,062,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.01 20:45:12 | 000,023,056 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fiosejgfse.dll
[2010.05.01 20:45:09 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\OTL.exe
[2010.05.01 20:44:00 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.01 20:44:00 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.01 20:10:35 | 000,230,400 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.01 20:03:58 | 007,077,888 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat
[2010.05.01 19:30:58 | 000,000,673 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\MSN BackUp.lnk
[2010.05.01 19:30:52 | 003,322,867 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\msnbackup132.exe
[2010.05.01 18:58:37 | 3192,264,704 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\DE_WINDOWS_7_PROFESSIONAL_X64_DVD_X15-65813.ISO
[2010.05.01 18:54:14 | 000,000,674 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MozBackup.lnk
[2010.05.01 16:49:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.01 15:13:20 | 000,001,595 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Digital Protection Support.lnk
[2010.05.01 15:13:20 | 000,000,691 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Digital Protection.lnk
[2010.05.01 15:12:04 | 000,001,581 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\pornotube.com.lnk
[2010.05.01 15:12:04 | 000,001,577 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\nudetube.com.lnk
[2010.05.01 15:12:04 | 000,001,573 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\youporn.com.lnk
[2010.05.01 15:01:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.01 15:01:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.01 15:00:53 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2010.05.01 15:00:49 | 003,775,690 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.05.01 13:45:14 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.01 13:45:14 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.01 13:45:14 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.05.01 05:03:47 | 000,000,147 | ---- | M] () -- C:\WINDOWS\System32\PRAGMAsrcr.dat
[2010.05.01 04:24:37 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\pragmabbr.dll
[2010.05.01 04:24:34 | 000,057,344 | ---- | M] () -- C:\WINDOWS\System32\pragmaserf.dll
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.26 23:54:00 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 15:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.02 00:10:13 | 000,025,908 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ==========
[2010.05.01 19:30:58 | 000,000,673 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\MSN BackUp.lnk
[2010.05.01 19:30:43 | 003,322,867 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\msnbackup132.exe
[2010.05.01 18:54:14 | 000,000,674 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MozBackup.lnk
[2010.05.01 16:54:42 | 3192,264,704 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\DE_WINDOWS_7_PROFESSIONAL_X64_DVD_X15-65813.ISO
[2010.05.01 15:14:08 | 000,023,056 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fiosejgfse.dll
[2010.05.01 15:13:20 | 000,000,691 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Digital Protection.lnk
[2010.05.01 15:12:04 | 000,001,581 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\pornotube.com.lnk
[2010.05.01 15:12:04 | 000,001,577 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\nudetube.com.lnk
[2010.05.01 15:12:04 | 000,001,573 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\youporn.com.lnk
[2010.05.01 13:57:49 | 000,001,595 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Digital Protection Support.lnk
[2010.05.01 04:24:35 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pragmabbr.dll
[2010.05.01 04:24:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\pragmaserf.dll
[2010.05.01 04:24:29 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\PRAGMAsrcr.dat
[2010.04.04 14:43:50 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.03.12 17:30:24 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.05.01 19:56:24 | 000,000,076 | ---- | C] () -- C:\WINDOWS\KTEL.INI
[2009.03.17 23:00:40 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.03.17 22:10:37 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.03.17 22:06:40 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.03.17 15:05:14 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7R.DLL
[2009.03.17 15:04:19 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\CNCFLaNL.DLL
[2009.03.17 03:30:46 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\coodest.dll
[2009.03.16 05:44:25 | 000,000,748 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.03.16 00:46:23 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2009.03.16 00:44:34 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.03.16 00:44:31 | 000,026,765 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.03.16 00:44:24 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.08.29 13:58:26 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008.08.29 13:58:16 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2002.05.13 11:16:19 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll ========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMPFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
< End of report >
|
__________________ |