| |
| |||||||
Log-Analyse und Auswertung: .Exe ausgeführt nichts passiert?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
22.06.2010, 17:19
| #1 |
| |  .Exe ausgeführt nichts passiert? Hallo Hab ein Prog runtergeladen, welches Macadress changer heisst. Als ich es ausgeführt habe geschah nichts(Im Hintergrund denke ich passierte was) Zuerst dachte ich vlt. muss man es im Terminal ausführen(cmd) aber dort habe ich es nur ausgeführt und keine Informationen erschienen. Durch meinen Paranoidischem Instinkt dachte ich mir es könnte sich um einen Trojaner handeln. Ich habe diese macadresschanger.exe auf virustotal gescannt und 4 AViren haben es erkannt. Virustotal: ht*t*p://tinyurl.com/2d72fev AVG erkennt es als: BackDoor.Hupigon5.ZGW Was ist das für ein Backdoor? Ist er gefährlich oder nicht.  Hier die Logs ich konnte nichts ungewöhnliches feststellen. OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.06.2010 17:31:13 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Download
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 204.00 Gb Total Space | 33.12 Gb Free Space | 16.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: harry.potter
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{10193AAA-D72D-4A1A-B8AD-A9D9221595E7}" = Intel(R) PROSet/Wireless WiFi-Software
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F487FBB-72CA-4A33-94C4-5C4665389A29}" = Sun VirtualBox
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{AC76BA86-1033-0000-0064-0003D0000004}" = Adobe Acrobat 9 Pro Extended 64-bit Add-On
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft Security Essentials" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}" = ScanSoft PaperPort 11
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DF70CB6-553A-4C57-8E6D-87635EECFB78}" = REALTEK Wireless LAN Driver and Utility
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{20E970DF-A7B2-4345-9DEB-72213A29645E}" = Brother MFL-Pro Suite MFC-5890CN
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"{32A3A4F4-B792-11D6-A78A-00B0D0160180}" = Java(TM) SE Development Kit 6 Update 18
"{357820A5-9AED-4C7C-A6C6-046BDDEC8E81}" = Wireless-G Internet Home Monitoring Camera
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D990CB-7811-4B39-90AE-2E2DDE8F2DDE}" = Comatic 7 (de-ch)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}" = SSH Secure Shell
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.2.137
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F012533-D5F8-4D42-ABAE-27A4A0BAA27A}_is1" = Ultimate Packer for eXecutables 1.1.1.132
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{882C685B-3735-452E-9B77-D562A6A6AFE3}" = inSSIDer
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}" = Brother MFL-Pro Suite MFC-8860DN
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC68DC11-904B-4911-AD8F-4B397D6A65A2}" = Mercurial 1.5.2
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"52A54646-82AF-4AB5-B103-54210D4BFD96" = AutoScan Network
"ABC Amber vCard Converter" = ABC Amber vCard Converter
"AC3Filter" = AC3Filter (remove only)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5
"Advanced LAN Scanner v1.0 BETA 1" = Advanced LAN Scanner v1.0 BETA 1
"Akamai" = Akamai NetSession Interface
"ASIO4ALL" = ASIO4ALL
"Athan" = Athan Basic 3.8
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor 4_is1" = AVS Video Editor 4
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CoreVorbis Audio Decoder" = CoreVorbis Audio Decoder (remove only)
"DCoder Image Source" = DCoder Image Source (remove only)
"Dell Dock" = Dell Dock
"DirectVobSub" = DirectVobSub (remove only)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DIVXCodec" = DivX Codec 3.1alpha release
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"EditPlus 3" = EditPlus 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"FileZilla Server" = FileZilla Server (remove only)
"FL Studio 9" = FL Studio 9
"FormatFactory" = FormatFactory 2.20
"Foxit Reader" = Foxit Reader
"Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 2.2
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2
"HaaliMkx" = Haali Media Splitter
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"IcoFX_is1" = IcoFX 1.6.4
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"InstallShield_{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metasploit Framework" = Metasploit Framework 3.3.3
"mmswitch" = Morgan Stream Switcher
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.5)" = Mozilla Thunderbird (3.0.5)
"MTA:SA" = MTA:SA v1.0.2
"nbi-glassfish-mod-sun-3.0.0.28.20090708" = Sun GlassFish Enterprise Server v3 Prelude
"nbi-glassfish-mod-sun-3.0.0.74.2" = Sun GlassFish Enterprise Server v3
"nbi-nb-base-6.7.1.0.0" = NetBeans IDE 6.7.1
"nbi-nb-base-6.8.0.0.0" = NetBeans IDE 6.8
"nbi-sjsas-2.1.1.31.20091019" = Sun GlassFish Enterprise Server v2.1.1
"nbi-tomcat-6.0.20.0.0" = Apache Tomcat 6.0.20
"Nmap" = Nmap 5.10BETA1
"No-IP.com DUC" = No-IP.com DUC (remove only)
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"PE Explorer_is1" = PE Explorer 1.99 R6
"PoiZone" = PoiZone
"RealMedia" = RealMedia (remove only)
"Sawer" = Sawer
"SHOUTcast Source" = SHOUTcast Source (remove only)
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 5" = TeamViewer 5
"Toxic Biohazard" = Toxic Biohazard
"UltraISO_is1" = UltraISO Premium V9.33
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"VMware_Workstation" = VMware Workstation
"WinPcapInst" = WinPcap 4.1.1
"Wireshark" = Wireshark 1.2.9
"wLite" = webcamXP Lite
"XviD_is1" = XviD MPEG-4 Video Codec
"ZoomPlayer" = Zoom Player (remove only)
"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.06.2010 11:28:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:28:43.268]: [00002776]: FrendlyName
: Brother MFC-5890CN Printer
Error - 22.06.2010 11:28:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:28:43.268]: [00002776]: Don't Create
FileMapping!!!!
Error - 22.06.2010 11:30:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:30:43.269]: [00002776]: Error :
ExecMonitor()
Error - 22.06.2010 11:30:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:30:43.269]: [00002776]: FrendlyName
: Brother MFC-5890CN Printer
Error - 22.06.2010 11:30:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:30:43.269]: [00002776]: Don't Create
FileMapping!!!!
Error - 22.06.2010 11:32:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:32:43.281]: [00002776]: Error :
ExecMonitor()
Error - 22.06.2010 11:32:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:32:43.282]: [00002776]: FrendlyName
: Brother MFC-5890CN Printer
Error - 22.06.2010 11:32:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:32:43.283]: [00002776]: Don't Create
FileMapping!!!!
Error - 22.06.2010 11:34:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:34:43.291]: [00002776]: Error :
ExecMonitor()
Error - 22.06.2010 11:34:43 | Computer Name = PC | Source = Brother BrLog | ID = 1001
Description = STMON BrtSTMON: [2010/06/22 17:34:43.292]: [00002776]: FrendlyName
: Brother MFC-5890CN Printer
[ Media Center Events ]
Error - 24.01.2010 02:38:28 | Computer Name = harry.potter-PC | Source = MCUpdate | ID = 0
Description = 07:38:26 - Error connecting to the internet. 07:38:26 - Unable
to contact server..
Error - 25.01.2010 03:13:09 | Computer Name = harry.potter-PC | Source = MCUpdate | ID = 0
Description = 08:13:09 - Failed to retrieve ClientUpdate (Error: Unable to connect
to the remote server)
Error - 27.01.2010 11:48:03 | Computer Name = harry.potter-PC | Source = MCUpdate | ID = 0
Description = 16:48:02 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 28.01.2010 12:14:20 | Computer Name = harry.potter-PC | Source = MCUpdate | ID = 0
Description = 17:14:19 - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
Error - 30.01.2010 04:47:11 | Computer Name = harry.potter-PC | Source = MCUpdate | ID = 0
Description = 09:47:11 - Failed to retrieve ClientUpdate (Error: Unable to connect
to the remote server)
Error - 06.02.2010 07:41:14 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 12:41:14 - Failed to retrieve ClientUpdate (Error: Unable to connect
to the remote server)
Error - 10.02.2010 03:44:47 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 08:44:45 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 13.06.2010 08:13:26 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 14:13:25 - Error connecting to the internet. 14:13:26 - Unable
to contact server..
Error - 13.06.2010 08:14:09 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 14:13:58 - Error connecting to the internet. 14:13:58 - Unable
to contact server..
Error - 13.06.2010 12:10:36 | Computer Name = PC | Source = MCUpdate | ID = 0
Description = 18:10:35 - Failed to retrieve MCEClientUX (Error: Unable to connect
to the remote server)
[ OSession Events ]
Error - 04.12.2009 13:57:59 | Computer Name = harry.potter-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 474
seconds with 420 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13.04.2010 07:44:48 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0022FB9FB822", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 07:44:50 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0022FB9FB823", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 07:44:51 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0022FB9FB823", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 07:46:09 | Computer Name = PC | Source = DCOM | ID = 10016
Description =
Error - 13.04.2010 08:00:04 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0022FB9FB822", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 08:00:05 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "002564482D8F", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 08:00:05 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "005056C00001", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 08:00:05 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "005056C00008", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 08:00:05 | Computer Name = PC | Source = NetBT | ID = 4311
Description = Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht
erstellt werden konnte. Verwenden Sie die Zeichenfolge "0022FB9FB823", um die Schnittstelle
zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse
der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique
Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse
herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar waren, dann
stellt die Zeichenfolge einen Clustergerätenamen dar.
Error - 13.04.2010 08:00:48 | Computer Name = PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Akamai erreicht.
< End of report >
--------------------- OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.06.2010 17:31:13 - Run 1 OTL by OldTimer - Version 3.2.6.1 Folder = C:\Download 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 204.00 Gb Total Space | 33.12 Gb Free Space | 16.24% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: james.potter Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010.06.22 17:29:53 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Download\OTL.exe PRC - [2010.05.25 18:08:54 | 001,694,520 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\CCleaner\CCleaner.exe PRC - [2010.04.29 12:19:18 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.04.06 08:34:59 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe PRC - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe PRC - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009.07.03 11:24:12 | 001,069,056 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe PRC - [2009.06.30 14:10:08 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe PRC - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2009.05.26 16:46:10 | 001,159,168 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe PRC - [2009.02.24 15:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe PRC - [2008.07.09 23:07:00 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe PRC - [2006.05.04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files (x86)\Visagesoft\eXPert PDF\vspdfprsrv.exe ========== Modules (SafeList) ========== MOD - [2010.06.22 17:29:53 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Download\OTL.exe MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.02.08 17:12:06 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2009.12.09 21:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2009.07.01 19:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009.06.09 16:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2010.05.11 13:35:48 | 002,478,640 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai) SRV - [2010.04.16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2009.12.31 01:24:34 | 000,703,488 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server) SRV - [2009.11.08 01:43:46 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.10.23 17:18:56 | 003,714,048 | ---- | M] (Moonware Studios) [Disabled | Stopped] -- C:\Program Files (x86)\wLite\wService.exe -- (wxpSvc) SRV - [2009.10.22 06:00:04 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2009.10.22 05:59:58 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService) SRV - [2009.10.22 05:59:48 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2009.10.22 04:47:54 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2009.10.12 15:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Running] -- C:\Windows\Vss -- (VSS) SRV - [2009.07.14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) SRV - [2009.07.13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) SRV - [2009.06.30 14:10:08 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe -- (Realtek87B) SRV - [2008.10.25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010.03.25 20:52:36 | 000,145,936 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010.02.10 10:03:28 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:64bit: - [2010.01.07 03:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187.sys -- (RTL8187) DRV:64bit: - [2009.11.07 00:50:18 | 000,503,296 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009.11.06 21:18:27 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin) DRV:64bit: - [2009.10.30 12:23:16 | 007,770,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.10.22 06:01:10 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2009.10.22 06:01:04 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2009.10.22 06:00:58 | 000,068,144 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2009.10.22 06:00:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2009.10.22 04:47:50 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2009.10.22 01:13:34 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:64bit: - [2009.10.22 01:13:28 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2009.10.22 01:13:28 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009.10.20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2009.09.28 10:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.09.15 21:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:64bit: - [2009.08.28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2009.07.29 10:21:58 | 000,717,312 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:64bit: - [2009.07.21 12:42:26 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.07.21 12:42:26 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.07.21 12:42:26 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.07.21 12:42:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:64bit: - [2009.06.17 10:18:00 | 000,716,800 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dnetr7364.sys -- (Dnetr7364) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.14 09:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009.02.05 20:54:10 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2008.07.26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:64bit: - [2008.07.26 16:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2008.07.26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV:64bit: - [2008.07.26 16:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64) DRV:64bit: - [2007.04.03 14:59:20 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM) DRV - [2010.02.10 10:03:28 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs) DRV - [2009.10.31 21:18:28 | 000,000,000 | ---D | M] [Kernel | Disabled | Stopped] -- C:\Windows\CSC -- (CSC) DRV - [2009.10.12 15:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009.06.10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) DRV - [2009.06.10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) DRV - [2009.02.10 18:23:10 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 3F DC D2 93 A9 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Winamp Search" FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query=" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.ch" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.1 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-ab-en-us&query=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.05.10 12:08:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.01 16:12:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.06.19 19:00:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.01 16:12:04 | 000,000,000 | ---D | M] [2010.01.25 21:14:05 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\mozilla\Extensions [2010.01.25 21:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\james.potter\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.06.22 17:28:21 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\mozilla\Firefox\Profiles\xiw8o000.default\extensions [2010.06.13 15:26:50 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\james.potter\AppData\Roaming\mozilla\Firefox\Profiles\xiw8o000.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.05.09 10:30:17 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\james.potter\AppData\Roaming\mozilla\Firefox\Profiles\xiw8o000.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.05.25 13:47:29 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\mozilla\Firefox\Profiles\xiw8o000.default\extensions\info@youtube-mp3.org [2010.06.11 11:50:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.06.11 11:50:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.05.14 14:23:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.03.13 00:45:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.13 00:45:49 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.13 00:45:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.03.13 00:45:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.03.13 00:45:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.02.08 17:10:06 | 000,359,066 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 123haustiereundmehr.com O1 - Hosts: 12322 more lines... O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe (Dell Inc.) O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PPort11reminder] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files (x86)\Visagesoft\eXPert PDF\vspdfprsrv.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.242.193.130 80.242.192.81 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (acaptuser64.dll) - C:\Windows\SysNative\acaptuser64.dll (Adobe Systems, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (C:\Windows\SYSTEM32\RtlGina\RtlGina.DLL) - C:\Windows\SysWOW64\RtlGina\RtlGina.dll (Realtek) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - Reg Error: Value error. File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.10.14 12:12:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{6e52f7ca-0f55-11df-add7-f409c74f3f9f}\Shell - "" = AutoRun O33 - MountPoints2\{6e52f7ca-0f55-11df-add7-f409c74f3f9f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Autorun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.06.22 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2010.06.22 17:27:24 | 000,000,000 | ---D | C] -- C:\rsit [2010.06.19 19:37:57 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Roaming\Wireshark [2010.06.19 19:32:55 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Roaming\PE Explorer [2010.06.19 19:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PE Explorer [2010.06.19 19:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireshark [2010.06.14 17:27:48 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Local\TechSmith [2010.06.14 17:20:07 | 000,000,000 | ---D | C] -- C:\Users\james.potter\Documents\Camtasia Studio [2010.06.11 12:25:12 | 000,000,000 | ---D | C] -- C:\b0edf2ad48dc603628 [2010.06.11 12:02:29 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.06.11 12:02:29 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.06.11 12:02:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.06.11 12:02:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010.06.11 11:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.06.08 13:26:14 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BROSNMP.DLL [2010.06.08 11:42:24 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Roaming\Zeon [2010.06.08 11:42:14 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Roaming\ScanSoft [2010.06.05 18:11:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\avg [2010.06.05 17:48:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2010.06.05 17:48:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2010.06.05 17:47:51 | 000,000,000 | ---D | C] -- C:\Users\james.potter\AppData\Roaming\AVG9 [2010.06.02 10:50:50 | 000,000,000 | -H-D | C] -- C:\$AVG [2010.06.02 10:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9 [2010.06.02 10:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010.05.31 15:03:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla Server [2010.05.31 14:51:15 | 000,000,000 | ---D | C] -- C:\Users\james.potter\Documents\keys [2010.05.31 14:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\freeSSHd [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.06.22 17:34:48 | 008,912,896 | -HS- | M] () -- C:\Users\james.potter\NTUSER.DAT [2010.06.22 17:34:22 | 000,025,942 | ---- | M] () -- C:\Users\james.potter\Documents\cc_20100622_173416.reg [2010.06.22 17:28:57 | 000,001,849 | ---- | M] () -- C:\Users\james.potter\Desktop\CCleaner.lnk [2010.06.22 17:24:53 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.06.22 17:24:53 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.06.22 17:15:54 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.06.22 17:15:38 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.06.22 17:15:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.06.22 17:15:20 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys [2010.06.19 19:38:07 | 004,363,721 | -H-- | M] () -- C:\Users\james.potter\AppData\Local\IconCache.db [2010.06.19 19:31:46 | 000,001,758 | ---- | M] () -- C:\Users\james.potter\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk [2010.06.19 19:00:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.06.19 16:36:59 | 000,002,003 | ---- | M] () -- C:\Users\james.potter\Desktop\Buzz Effect Adapter - Verknüpfung.lnk [2010.06.15 20:02:31 | 000,001,532 | ---- | M] () -- C:\Users\james.potter\Desktop\Neues Textdokument.html [2010.06.15 20:02:20 | 000,001,532 | ---- | M] () -- C:\Users\james.potter\Desktop\Neues Textdokument.html.bak [2010.06.14 09:22:09 | 002,202,698 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.06.14 09:22:09 | 000,644,390 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.06.14 09:22:09 | 000,609,874 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.06.14 09:22:09 | 000,604,442 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat [2010.06.14 09:22:09 | 000,127,272 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.06.14 09:22:09 | 000,119,410 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat [2010.06.14 09:22:09 | 000,104,778 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.06.12 17:35:55 | 003,055,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.06.08 13:28:36 | 000,000,308 | ---- | M] () -- C:\Windows\Brpfx04a.ini [2010.06.08 13:28:36 | 000,000,093 | ---- | M] () -- C:\Windows\brpcfx.ini [2010.06.08 13:28:21 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2010.06.08 13:28:21 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD8860DN.DAT [2010.06.08 13:28:20 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD8660DN.DAT [2010.06.08 13:26:51 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bd8860dn.dat [2010.06.06 18:28:01 | 000,277,385 | RHS- | M] () -- C:\RPDOE [2010.06.06 18:28:01 | 000,000,020 | RHS- | M] () -- C:\win7.ld [2010.06.03 13:40:24 | 003,953,876 | ---- | M] () -- C:\Users\james.potter\Desktop\- [2010.06.01 16:12:04 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.05.28 22:49:39 | 000,041,799 | ---- | M] () -- C:\Users\james.potter\Documents\Faebe.rtf [2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010.05.27 08:34:09 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.05.27 06:11:32 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.05.25 15:07:15 | 000,160,492 | ---- | M] () -- C:\Users\james.potter\Folien2.docx [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.06.22 17:28:57 | 000,001,849 | ---- | C] () -- C:\Users\james.potter\Desktop\CCleaner.lnk [2010.06.19 19:31:46 | 000,001,758 | ---- | C] () -- C:\Users\james.potter\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk [2010.06.19 16:36:59 | 000,002,003 | ---- | C] () -- C:\Users\james.potter\Desktop\Buzz Effect Adapter - Verknüpfung.lnk [2010.06.15 19:50:55 | 000,001,532 | ---- | C] () -- C:\Users\james.potter\Desktop\Neues Textdokument.html.bak [2010.06.15 19:42:27 | 000,001,532 | ---- | C] () -- C:\Users\james.potter\Desktop\Neues Textdokument.html [2010.06.08 13:28:21 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD8860DN.DAT [2010.06.08 13:26:51 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bd8860dn.dat [2010.06.06 18:28:01 | 000,277,385 | RHS- | C] () -- C:\RPDOE [2010.06.06 18:28:01 | 000,000,020 | RHS- | C] () -- C:\win7.ld [2010.06.06 18:24:26 | 003,953,876 | ---- | C] () -- C:\Users\james.potter\Desktop\- [2010.06.01 16:12:04 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.05.28 22:20:44 | 000,041,799 | ---- | C] () -- C:\Users\james.potter\Documents\Faebe.rtf [2010.05.25 15:07:15 | 000,160,492 | ---- | C] () -- C:\Users\james.potter\Folien2.docx [2010.05.11 17:00:20 | 000,014,336 | ---- | C] () -- C:\Windows\SysWow64\vsmon1.dll [2010.04.03 15:34:56 | 000,000,308 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2010.04.03 15:34:56 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini [2010.04.03 15:34:19 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010.04.03 15:33:00 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2010.04.03 15:33:00 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2010.04.03 14:50:30 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini [2010.03.08 11:11:04 | 002,225,292 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.02.09 17:09:05 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.02.09 17:06:20 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2010.02.09 17:06:20 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2009.12.17 21:02:56 | 000,000,000 | ---- | C] () -- C:\Windows\Tb2Desk.INI [2009.11.28 23:13:19 | 000,007,420 | ---- | C] () -- C:\Windows\UA000104.DLL [2009.11.28 23:10:23 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2009.11.28 23:10:23 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2009.11.28 23:10:23 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2009.11.28 23:10:23 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2009.11.28 23:10:23 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2009.11.28 23:10:23 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2009.11.28 17:47:43 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2009.11.28 17:47:43 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009.11.18 00:47:17 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.10.20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2004.12.20 12:08:28 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2004.12.20 12:03:26 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2002.10.06 20:42:57 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll [2002.10.05 01:04:25 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll [2002.10.05 01:04:24 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2002.10.05 01:04:17 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000106.DLL ========== LOP Check ========== [2010.06.05 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\AVG9 [2010.06.19 18:38:10 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\EditPlus 3 [2010.05.11 17:10:18 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\eXPert PDF Editor [2010.04.06 12:42:33 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\IcoFX [2010.02.03 18:57:22 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\ImgBurn [2010.01.28 07:46:38 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\OpenOffice.org [2010.06.19 19:33:18 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\PE Explorer [2010.06.08 11:42:14 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\ScanSoft [2010.06.15 12:24:25 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\SSH [2009.11.28 17:40:15 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\SystemRequirementsLab [2009.12.23 20:12:07 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\TeamViewer [2010.01.25 21:14:04 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\Thunderbird [2009.11.29 13:20:04 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\Ulead Systems [2010.04.15 23:32:56 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\uTorrent [2009.11.11 21:58:37 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\VitySoft [2009.11.06 21:22:29 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\Vso [2010.06.19 19:37:57 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\Wireshark [2010.06.08 11:42:24 | 000,000,000 | ---D | M] -- C:\Users\james.potter\AppData\Roaming\Zeon [2010.04.05 06:09:23 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Vielen Dank für eure Zeit. --SEARCH-- |
|
22.06.2010, 17:32
| #2 |
| /// Malware-holic   | .Exe ausgeführt nichts passiert? download malwarebytes:
__________________Malwarebytes öffnen, registerkarte aktualisierung, programm updaten. registerkarte scanner, komplett scan, funde löschen, log posten. |
|
23.06.2010, 07:49
| #3 | |
| | .Exe ausgeführt nichts passiert? Ich wollte die .exe hier uploaden aber folgender Fehler kam:
__________________Zitat:
Passwort= trojaner (Link entfernt) Der echte Download-Link: (Link entfernt) Geändert von cosinus (30.05.2012 um 21:30 Uhr) |
|
23.06.2010, 07:55
| #4 | |
| | .Exe ausgeführt nichts passiert? Ja ich habe mit Malwarebytes einen Scan durchgeführt er hat jedoch nichts gefunden. Hier die Logs: Zitat:
|
|
23.06.2010, 11:21
| #5 |
| /// Malware-holic | .Exe ausgeführt nichts passiert? hi, 1. kein Malwarebytes update. bitte update malwarebytes 2. solltest du mal bitte in deine persönlichen nachichten gucken. |
|
23.06.2010, 13:56
| #6 |
| | .Exe ausgeführt nichts passiert? Also hier nochmal der Link von dieser .exe Passwort= trojaner (Link entfernt) Der echte Download-Link: (Link entfernt) Gibt es eine Möglichkeit diese .exe zu starten um dadurch herauszufinden welche Ordner er braucht(beschreibt?). ---- Ich habe kurz danach MalwarebytesDatenbank geupdated und nochmal gescannt. Aber gleicher Log. --|--|--|-- --|--|--|-- --v--v--v-- Geändert von cosinus (30.05.2012 um 21:28 Uhr) |
|
23.06.2010, 14:34
| #7 |
| /// Malware-holic | .Exe ausgeführt nichts passiert? wer von so ner seite downloaded sollte wissen was er tut und sich am ende nicht wundern, wenn er malware auf dem system hat. bei mir tut die datei auch nichts und bei ner online auswertung ebenso nichts... schon mal dein antivirus geupdatet und gescant? |
|
28.06.2010, 13:52
| #8 |
| | .Exe ausgeführt nichts passiert? Ich habe mich mit der "Cyber Warrior" kontaktiert. Und habe festgestellt, dass es sich nicht um einen Trojaner oder dergleichen handelt.Ich habe es unter WinXP ausgeführt und es hat einwandfrei funktioniert. Sorry...  ---  --- Somit wäre es erledigt. Danke nochmal |
|
| Themen zu .Exe ausgeführt nichts passiert? |
| 64-bit, 7-zip, adblock, adobe, akamai, bho, c:\windows\system32\rundll32.exe, canon, components, defender, entfernen, error, excel, expert pdf, failed, firefox.exe, flash player, google, google earth, home, hupigon5, install.exe, langs, location, logfile, malwarebytes' anti-malware, media center, microsoft office word, microsoft security, mozilla, mozilla thunderbird, object, office 2007, oldtimer, photoshop, programdata, realtek, registry, rundll, saver, searchplugins, security, security update, server, shell32.dll, shortcut, software, studio, syswow64, trojaner, usb, virus, vlc media player, webcheck, windows, wireless lan |
Linear-Darstellung
