|
Log-Analyse und Auswertung: Notebook sehr langsam, hab mir wohl was eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
26.07.2010, 00:19 | #1 |
| Notebook sehr langsam, hab mir wohl was eingefangen Hallo, ich würde mich sehr über eine kurze Hilfe freuen: auf meinem Notebook läuft immer der Kaspersky Internet Security, ich glaube aber trotzdem, dass ich mir was eingefangen habe. Ich wollte heute auch mal einen Check von Kaspersky Internet Security aus machen, allerdings wurde dieser auf Grund eines Problems nach 5 Stunden abgebrochen (bis dahin waren schon 3 Trojaner gefunden, und 11 Prozent des Systems überprüft). Mein Notebook ist einfach verdammt langsam geworden... Anbei habe ich mal ein hijackthis-Log. Bin für jede Hilfe dankbar!!! Ich bin mir auch nicht ganz sicher, ob schon immer im Hintergrund die "Mph.exe" läuft. Wie kann ich da rausfinden, für was die gut ist oder ob die was "böses" macht? Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:10:57, on 26.07.2010 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.17037) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Users\BENEDI~1\AppData\Local\Temp\Mph.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe C:\Program Files\LG Software\LG Magnifier\Maglev.exe C:\Program Files\LG Software\On Screen Display\HotKey.exe C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe C:\Program Files\lg_swupdate\GiljabiStart.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Windows\ehome\ehtray.exe C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\Program Files\Mozilla Firefox\plugin-container.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O1 - Hosts: ::1 localhost O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Companion.JS BHO - {ADDEE521-F1CC-4B89-8C88-B2CF625B9163} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [LG Magnifier] %ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [KeybdUtility] C:\Program Files\LG Software\On Screen Display\HotKey.exe O4 - HKLM\..\Run: [BatteryMiser 5] C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avp] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [Google Update] "C:\Users\xxx\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Halo2] rundll32.exe C:\Users\xxx~1\AppData\Local\Temp\sshnas21.dll,GetMainWnd O4 - HKCU\..\Run: [XA5RJ9EADJ] C:\Users\xxx~1\AppData\Local\Temp\Mph.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Companion.JS - {0402343A-B530-482b-AA27-A61CEC3E4D2E} - C:\Program Files\Core Services\Companion.JS\CompanionJS.dll O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- End of file - 9332 bytes |
27.07.2010, 13:48 | #2 | |||
/// Winkelfunktion /// TB-Süch-Tiger™ | Notebook sehr langsam, hab mir wohl was eingefangenZitat:
Zitat:
Dass das nicht funktioniert wird hier mit diesen Schdälingseinträgen verdeutlicht: Zitat:
Bitte einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
27.07.2010, 23:12 | #3 |
| Notebook sehr langsam, hab mir wohl was eingefangen danke schomal für die Hilfe!
__________________Hab einen Vollscan mit Malwarebytes gemacht: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4357 Windows 6.0.6000 Internet Explorer 7.0.6000.17037 27.07.2010 23:45:30 mbam-log-2010-07-27 (23-45-30).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 362554 Laufzeit: 7 Stunde(n), 20 Minute(n), 54 Sekunde(n) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 6 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 0 Infizierte Dateien: 8 Infizierte Speicherprozesse: C:\Users\xxx\AppData\Local\Temp\Mph.exe (Trojan.FakeAlert) -> Failed to unload process. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XA5RJ9EADJ (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("%1" %*) Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Users\xxx\AppData\Local\Temp\Mph.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Program Files\Adobe\Adobe.Photoshop.CS3.Extended.Keymaker.Repack.Only-ZWT\Adobe.Photoshop.CS3.Extended.Keymaker.Repack.Only-ZWT\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. C:\Users\xxx\AppData\Local\Temp\Mpf.exe (Trojan.FraudPack) -> Quarantined and deleted successfully. C:\Users\xxx\AppData\Local\Temp\Mpg.exe (Trojan.FraudPack) -> Quarantined and deleted successfully. C:\Windows\Temp\TMP0000000B2CFA0BD3E64B37B1 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully. Code:
ATTFilter OTL logfile created on: 27.07.2010 23:50:23 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\xxx\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.014,00 Mb Total Physical Memory | 308,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 110,79 Gb Total Space | 26,25 Gb Free Space | 23,70% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: xxx-PC Current User Name: xxx Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\xxx\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe (Kaspersky Lab) PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe () PRC - C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\lg_swupdate\GiljabiStart.exe (BIT LEADER) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\LG Software\On Screen Display\HotKey.exe (LG Electronics) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\LG Software\LG Magnifier\Maglev.exe (LG Electronics Inc.) PRC - C:\Programme\LG Software\LG Magnifier\MagnifyingGlass.exe (LG Electronics Inc.) PRC - C:\Programme\LG Software\BatteryMiser\BatteryMiser5.exe (LG Electronics Inc.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Modules (SafeList) ========== MOD - C:\Users\xxx\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe File not found SRV - (avp) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe () SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (Macromedia Licensing Service) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe (Macromedia) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HauppaugeTVServer) -- C:\Programme\WinTV\HCWTVServer.exe (Hauppauge Computer Works) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (usnjsvc) -- C:\Program Files\MSN Messenger\usnsvc.exe (Microsoft Corporation) SRV - (LPDSVC) -- C:\Windows\System32\lpdsvc.dll (Microsoft Corporation) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found DRV - (lgodd_filter) -- C:\Windows\System32\drivers\lgodd_filter.sys File not found DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab) DRV - (gtstusbser) -- C:\Windows\System32\drivers\gtstusbser.sys (Option N.V.) DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (MODRC) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV - (mod7700) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV - (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM) -- C:\Windows\System32\drivers\s716unic.sys (MCCI Corporation) DRV - (s716obex) -- C:\Windows\System32\drivers\s716obex.sys (MCCI Corporation) DRV - (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS) -- C:\Windows\System32\drivers\s716nd5.sys (MCCI Corporation) DRV - (s716mdm) -- C:\Windows\System32\drivers\s716mdm.sys (MCCI Corporation) DRV - (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s716mgmt.sys (MCCI Corporation) DRV - (s716mdfl) -- C:\Windows\System32\drivers\s716mdfl.sys (MCCI Corporation) DRV - (s716bus) Sony Ericsson Device 716 driver (WDM) -- C:\Windows\System32\drivers\s716bus.sys (MCCI Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation) DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (lgsnd_filter) -- C:\Windows\System32\drivers\lgsnd_filter.sys () DRV - (PID_0928) Labtec WebCam(PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Labtec Inc.) DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Labtec Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.startup.homepage: "hxxp://www.gmx.de" FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: ienetrenderer-nico@nc:0.9.6 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736 FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.33 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.26 12:19:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.26 12:19:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.07.22 10:28:43 | 000,000,000 | ---D | M] [2010.03.22 18:14:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions [2010.03.22 18:14:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.07.27 15:47:28 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions [2010.06.29 15:35:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.07.15 11:17:08 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.01.28 10:54:03 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2010.07.23 15:57:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2009.12.06 10:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a} [2008.09.13 16:52:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\{DA3A89AB-2DCA-4a29-8FEA-3C9E79BBF113} [2010.02.13 08:04:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\de-DE@dictionaries.addons.mozilla.org [2010.03.13 15:39:26 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\ienetrenderer-nico@nc [2010.03.13 15:39:19 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\7467rli4.default\extensions\toolbar@alexa.com [2010.07.17 21:04:20 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2007.06.20 17:44:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.07.17 21:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.06.04 22:10:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.02.25 10:40:20 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2008.09.01 23:50:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\talkback@mozilla.org [2007.08.29 23:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npbittorrent.dll [2010.06.04 22:07:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2008.09.23 17:11:30 | 000,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npmusicn.dll [2010.03.31 10:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Programme\Mozilla Firefox\plugins\PDFNetC.dll [2010.04.08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\ScorchPDFWrapper.dll [2010.07.26 12:18:51 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.26 12:18:51 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.26 12:18:51 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.26 12:18:52 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.26 12:18:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Companion.JS BHO) - {ADDEE521-F1CC-4B89-8C88-B2CF625B9163} - C:\Programme\Core Services\Companion.JS\CompanionJS.dll (Core Services) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avp] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BatteryMiser 5] C:\Programme\LG Software\BatteryMiser\BatteryMiser5.exe (LG Electronics Inc.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [KeybdUtility] C:\Programme\LG Software\On Screen Display\HotKey.exe (LG Electronics) O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER) O4 - HKLM..\Run: [LG Magnifier] C:\Programme\LG Software\LG Magnifier\MagnifyingGlass.exe (LG Electronics Inc.) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Companion.JS - {0402343A-B530-482b-AA27-A61CEC3E4D2E} - C:\Programme\Core Services\Companion.JS\CompanionJS.dll (Core Services) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img22.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img22.jpg O28 - HKLM ShellExecuteHooks: {26F5978F-6493-4ee3-B114-C0C3ACCF9D4D} - C:\Windows\System32\bmpsap.dll () O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2b6ace9a-20e9-11dc-9b85-00e09110329c}\Shell\AutoRun\command - "" = C:\Windows\System32\MigSetup.exe -- File not found O33 - MountPoints2\{2f0bf6ae-351e-11df-b88c-836a36ff23c1}\Shell - "" = AutoRun O33 - MountPoints2\{2f0bf6ae-351e-11df-b88c-836a36ff23c1}\Shell\AutoRun\command - "" = F:\QsSetup.exe -- File not found O33 - MountPoints2\G\Shell\AutoRun\command - "" = C:\Windows\System32\MigSetup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found ========== Files/Folders - Created Within 30 Days ========== [2010.07.27 23:48:59 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe [2010.07.27 15:50:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.07.27 15:49:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.07.26 10:47:06 | 000,000,000 | ---D | C] -- C:\Programme\Wise Registry Cleaner [2010.07.25 14:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Syscon [2010.07.23 15:57:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers [2010.07.18 19:32:53 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\vlc [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.27 23:54:04 | 004,980,736 | -HS- | M] () -- C:\Users\xxx\NTUSER.DAT [2010.07.27 23:48:39 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe [2010.07.27 23:45:09 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-306069054-1507164970-828293788-1000UA.job [2010.07.27 23:32:00 | 000,000,348 | -HS- | M] () -- C:\Windows\KLIF.spi [2010.07.27 23:26:12 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.07.27 23:26:11 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.07.27 15:30:37 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{47E8A083-0C54-4311-A2F4-0A1D148E136A}.job [2010.07.27 15:26:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.07.27 15:25:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.07.27 15:25:29 | 1063,378,944 | -HS- | M] () -- C:\hiberfil.sys [2010.07.27 15:23:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.07.27 15:22:42 | 001,948,011 | -H-- | M] () -- C:\Users\xxx\AppData\Local\IconCache.db [2010.07.27 07:45:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-306069054-1507164970-828293788-1000Core.job [2010.07.26 10:17:10 | 000,078,744 | ---- | M] () -- C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT [2010.07.26 10:12:17 | 001,641,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.07.24 01:43:01 | 037,285,320 | ---- | M] () -- C:\Users\xxx\Desktop\Nur Für Dich - Wise Guys (with Lyrics).wav [2010.07.24 01:42:45 | 046,112,376 | ---- | M] () -- C:\Users\xxx\Desktop\Tarzan Soundtrack - You'll be in my heart by Phil Collins.wav [2010.07.24 01:42:28 | 027,708,916 | ---- | M] () -- C:\Users\xxx\Desktop\The Lion Sleeps Tonight.wav [2010.07.23 15:56:03 | 000,001,042 | ---- | M] () -- C:\Users\xxx\Desktop\DVDVideoSoft Free Studio.lnk [2010.07.18 18:35:46 | 000,001,946 | ---- | M] () -- C:\Users\xxx\Desktop\Hansenet_vlc10x.m3u [2010.07.15 21:17:55 | 161,024,518 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.07.15 20:09:21 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.07.15 20:09:21 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.07.15 20:09:21 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.07.15 20:09:21 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.07.15 20:09:20 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.27 16:08:29 | 000,000,348 | -HS- | C] () -- C:\Windows\KLIF.spi [2010.07.24 01:42:47 | 037,285,320 | ---- | C] () -- C:\Users\xxx\Desktop\Nur Für Dich - Wise Guys (with Lyrics).wav [2010.07.24 01:42:31 | 046,112,376 | ---- | C] () -- C:\Users\xxx\Desktop\Tarzan Soundtrack - You'll be in my heart by Phil Collins.wav [2010.07.24 01:42:15 | 027,708,916 | ---- | C] () -- C:\Users\xxx\Desktop\The Lion Sleeps Tonight.wav [2010.07.18 18:35:46 | 000,001,946 | ---- | C] () -- C:\Users\xxx\Desktop\Hansenet_vlc10x.m3u [2010.03.21 21:34:52 | 000,001,518 | ---- | C] () -- C:\Windows\Mobile Partner Manager.INI [2009.12.19 12:02:32 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2008.03.22 15:35:43 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\bfaedaec_g.dll [2008.03.14 19:52:32 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2008.02.21 04:05:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.02.21 04:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest [2008.02.21 04:04:16 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest [2008.02.21 04:03:24 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll [2008.01.29 14:01:59 | 000,000,037 | ---- | C] () -- C:\Windows\easyprint.INI [2007.10.03 14:27:52 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll [2007.06.20 20:38:38 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini [2007.06.20 20:37:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll [2007.06.20 20:37:08 | 000,006,218 | ---- | C] () -- C:\Windows\HCWPNP.INI [2007.06.20 18:30:26 | 000,030,688 | ---- | C] () -- C:\Windows\Irremote.ini [2007.06.20 18:30:02 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll [2007.06.20 18:29:47 | 000,000,855 | ---- | C] () -- C:\Windows\ODBC.INI [2007.03.27 05:06:59 | 000,010,356 | ---- | C] () -- C:\Windows\lg_up.ini [2007.03.27 05:06:01 | 000,000,877 | ---- | C] () -- C:\Windows\lgcenter.ini [2007.03.27 04:33:33 | 000,114,688 | ---- | C] () -- C:\Windows\System32\bmpsap.dll [2007.03.27 04:33:33 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\lgsnd_filter.sys [2007.03.27 04:06:55 | 000,009,931 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2007.03.27 04:02:18 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1187.dll [2007.03.27 03:59:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.03.27 03:58:09 | 000,000,196 | ---- | C] () -- C:\Windows\lgps.ini [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:25:21 | 000,180,224 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005.09.15 19:39:48 | 000,040,960 | ---- | C] () -- C:\Windows\System32\epdfmonu.dll [2005.09.15 19:38:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\epdfmon.dll [2005.08.17 19:08:19 | 000,131,072 | ---- | C] () -- C:\Windows\System32\sfarkxt.dll [2005.08.17 19:08:18 | 000,068,096 | ---- | C] () -- C:\Windows\System32\SFARKL.DLL [2005.01.19 09:30:54 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2002.07.03 14:03:58 | 000,069,632 | ---- | C] () -- C:\Windows\System32\WB3.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\xxx\Desktop\Quatsch_Comedy_Club_08.02.26_22-45_pro7_30_TVOON_DE.mpg.avi:TOC.WMV @Alternate Data Stream - 64 bytes -> C:\Users\xxx\Desktop\Hape_Kerkeling_live_07.03.16_22-15_rtl_105_TVOON_DE.mpg.avi:TOC.WMV @Alternate Data Stream - 297483 bytes -> C:\Windows\System32\LPT:PS58DA-7 < End of report > Code:
ATTFilter OTL Extras logfile created on: 27.07.2010 23:50:23 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\xxx\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.17037) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.014,00 Mb Total Physical Memory | 308,00 Mb Available Physical Memory | 30,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 53,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 110,79 Gb Total Space | 26,25 Gb Free Space | 23,70% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: xxx-PC Current User Name: xxx Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" %* txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{003C4E11-EE35-4D03-BDF2-91A0EBFF5BD0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{042ECC1F-C513-4ADC-93E1-E7367E56B47B}" = lport=137 | protocol=17 | dir=in | app=system | "{047CC5BF-4C37-430B-9588-6FEBCA8B0638}" = rport=137 | protocol=17 | dir=out | app=system | "{04C96110-B5FF-4197-91E3-25BBBD432A75}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{456840E1-FDD5-431C-A788-9B780ACAA9ED}" = rport=445 | protocol=6 | dir=out | app=system | "{759DF51C-8D3D-42C6-80BA-3F9BCFDDA60B}" = lport=445 | protocol=6 | dir=in | app=system | "{7B9D7BF8-8BDB-4795-AF26-5E14F41E5185}" = lport=138 | protocol=17 | dir=in | app=system | "{8BDCA7AC-959A-4F76-BDE3-C6C32EB7E936}" = rport=139 | protocol=6 | dir=out | app=system | "{B5DE5C35-D4A3-43BE-891F-1E3177C427DB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BAF5FDA7-CB0B-445F-8713-850D617E4271}" = lport=2869 | protocol=6 | dir=in | app=system | "{DC82B2C0-8246-43B4-9F66-FA4E0EF82323}" = rport=138 | protocol=17 | dir=out | app=system | "{EAAE7859-22D4-4171-99ED-3483BFAC82B5}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{15B4FB3A-8AF2-4547-8B80-F11C899715B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1F3FCA26-4DAA-43D5-A66D-387D0B95DED9}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{3EADBFE9-E015-44B7-9B75-8E588194E8EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4571CDE0-963F-4076-84C1-E81DC4224EC0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{4A457CA5-8423-4501-A17C-3430DED52584}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{690561C9-86F9-44A6-A214-9BC87CD12E22}" = protocol=6 | dir=in | app=c:\program files\network print monitor\psadmin.exe | "{6ADA8E29-67AD-4655-82D5-9E30F7FCCD7B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{6D661567-FD16-455A-B1F3-78AE7FB65C2B}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{7802A547-6476-4E17-AB0F-841BCC294F4E}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | "{8EABF23C-B714-4C55-A320-456E37786AAE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{934584AF-17FA-4F81-9E6B-4DD1C03BD978}" = protocol=17 | dir=in | app=c:\program files\network print monitor\psadmin.exe | "{959300D5-D2C3-4E3A-B39F-2B4E35F13750}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{9E02E78B-4FB7-477C-AB34-B0D366A3D6F7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{9F966D94-2E26-4BBF-A678-5E2EABDD1DD5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A4C72332-759F-4ECC-BFE0-5877EBB6B03C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A9E6FC56-3F54-4804-8289-5D4F21B96928}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | "{AAB41056-DD61-43A5-ACBC-657E8C9356EC}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | "{B8FD8168-8912-4664-93B7-7E92BFC285E5}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | "{CFE6E32B-D98B-4E15-929F-6C47DC57FD54}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | "{D23AF358-205C-4B8B-8A28-0234E5DFB09D}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{E0762042-8F94-4D25-8CDE-56482ADDD652}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E83D987D-2DA1-4F70-8010-429F62A918DF}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{ED2D5358-8266-4945-B80D-842AF1570F12}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FAFD14C4-561F-4E2E-8B06-257C37117620}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | "{FF8AE596-986A-4F7F-87DF-28A52621418B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{22DD853E-63D9-400A-8EB6-450BA8FDB162}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{2D5822DD-5A8F-49F3-8C3D-DB27964C02E8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{77158BB2-714C-43F4-869B-DB1C389BA430}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{90EB9375-9DE9-46FC-810E-720044888242}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{B8912E75-48B6-43B1-B751-45E17412CDB6}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe | "TCP Query User{BCEA0379-9E36-447B-A316-8C413C02C5A9}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{C61D5CD2-3707-45F5-BB87-2A43ECD34A07}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{DB7EADB7-27B5-448A-9C22-E47CA373315A}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "UDP Query User{24AF4193-3CA3-4AE0-832D-F8A1E7A475C2}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{2ACB0CE6-62A9-46F3-B20D-C6F9FCBCA27E}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{4C3B6A13-B3A7-42BF-8258-92F5DC9DDD25}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | "UDP Query User{55C21A27-90FA-4B7A-99FF-4F4F3D75A18B}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "UDP Query User{A656EBAB-40FE-4FB7-B929-A969D6EFFDFB}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "UDP Query User{A6B096D6-D42B-4EE7-ACC4-685CD8A740C9}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{BD52A74B-5659-44FA-B37A-057CFB157CF7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{D826CA92-5C26-4825-A557-402D8AB0DF51}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only) "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge "{23A63302-B0AD-4811-9E88-DDA51B902488}" = capella 2008 "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3 "{2D6ED011-055B-4041-B198-BB903827EBFB}" = Safari "{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004 "{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{395AB8C5-F3A8-4380-8718-7A11EC5829F6}" = iCON 210 "{46FDE13F-31D6-49BB-9B58-014BABEB88EA}" = Metzler Musiklexikon 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{62A5F5BC-CDAC-4F44-A2A9-C30A1BCBCA6B}" = CIB pdf Plug-in 1.3.25 "{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6AC8EA9E-3044-46CB-AC0D-69C45D207178}" = EzManual "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Systemsteuerung "MobileMe" "{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{81717D01-32F6-449C-85E1-41AFD678E545}" = LG Intelligent Update "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{C57E7D22-0153-4FF9-B9B4-88ACE81FF041}" = Dolet Light für Finale 2005 "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{C8E4455F-0F70-4DA2-A9F9-2D56C80E10AD}" = Sibelius Scorch (ActiveX Only) "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D5228699-F4DD-4D0C-82AD-3F17C45D027E}" = On Screen Display "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E55C8F84-160B-41FA-9D41-6210801C0C24}" = BatteryMiser 5 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EAF092E3-6B95-41E8-B468-94B85DAD8603}" = eDocPrinter PDF Pro Ver 6.30 "{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS "{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F60F1131-3D1F-44D9-8A42-FCC62AE8CF89}" = LG Magnifier "{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54 "AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts "Agere Systems Soft Modem" = Agere Systems HDA Modem "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9 "capella 5.0" = capella 2004 Version 5.0 "capella_1200 5.1" = capella 1200 Version 5.1 "CCleaner" = CCleaner (remove only) "CloneDVD2" = CloneDVD2 "Companion.JS" = Companion.JS v0.4.2 for Internet Explorer (remove only) "DVD Shrink_is1" = DVD Shrink 3.2 "Finale 2005a" = Finale 2005a "Finale 2007" = Finale 2007 "Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Audio Converter_is1" = Free Audio Converter version 2.0 "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.0 "Free YouTube Download_is1" = Free YouTube Download 2.8 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2 "Garritan Ambiance Installer" = Garritan Ambiance Installer "Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources "Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler "Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services "Hauppauge WinTV2000" = Hauppauge WinTV2000 "HDMI" = Intel(R) Graphics Media Accelerator Driver "HijackThis" = HijackThis 2.0.2 "HP Deskjet 5700 Series_Driver" = HP Deskjet 5700 Series "IETester" = IETester v0.2.3 (remove only) "InstallShield_{46FDE13F-31D6-49BB-9B58-014BABEB88EA}" = Metzler Musiklexikon 2.0 "InstallShield_{6304CCF6-3343-4DA5-96B6-84B3A644B93B}" = USB Driver for Panasonic DVC "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "Linktausch pro_is1" = Linktausch pro "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messer_is1" = Messer v0.992 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Mozilla Thunderbird (3.1.1)" = Mozilla Thunderbird (3.1.1) "MPE" = MyPhoneExplorer "Native Instruments Finale GPO 2.0" = Native Instruments Finale GPO 2.0 "Network Print Monitor" = Network Print Monitor for Windows 2000/XP/2003 "Nvu_is1" = Nvu 1.0 "phase5" = phase5 "Python 2.3.5" = Python 2.3.5 "RealPlayer 6.0" = RealPlayer "RegSupreme_is1" = RegSupreme "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SmartFTP - Deutsches Sprachpaket" = SmartFTP - Deutsches Sprachpaket (remove only) "SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only) "SmartFTP Client German Language Addon" = SmartFTP Client German Language Addon (remove only) "SmartMusic 9" = SmartMusic 9 "SynTPDeinstKey" = Synaptics Pointing Device Driver "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.0 "VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German) "WinRAR archiver" = WinRAR "Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.35 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent 6.0 "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 02.12.2008 01:58:22 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = Error - 02.12.2008 01:59:44 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = Error - 02.12.2008 02:01:05 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = Error - 02.12.2008 02:02:26 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = Error - 02.12.2008 02:12:30 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = Error - 04.12.2008 23:01:16 | Computer Name = xxx-PC | Source = Application Hang | ID = 1002 Description = Programm FINALE.EXE, Version 12.0.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: e48 Anfangszeit: 01c956859eb32f2e Zeitpunkt der Beendigung: 80 Error - 16.12.2008 21:01:01 | Computer Name = xxx-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehPrivJob.exe, Version 6.0.6000.16386, Zeitstempel 0x4549b489, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x000006f2, Prozess-ID 0x1460, Anwendungsstartzeit 01c95fe27ec17110. Error - 18.12.2008 10:34:07 | Computer Name = xxx-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung Photoshop.exe, Version 10.0.1.0, Zeitstempel 0x470fd6cb, fehlerhaftes Modul Photoshop.exe, Version 10.0.1.0, Zeitstempel 0x470fd6cb, Ausnahmecode 0xc0000005, Fehleroffset 0x00902476, Prozess-ID 0x210, Anwendungsstartzeit 01c9611860bb68bb. Error - 10.01.2009 09:24:56 | Computer Name = xxx-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung SmartFTP.exe, Version 3.0.1021.14, Zeitstempel 0x489b55df, fehlerhaftes Modul sfFTPLib.dll, Version 1.5.13.42, Zeitstempel 0x489a0222, Ausnahmecode 0xc0000005, Fehleroffset 0x0013f8c0, Prozess-ID 0xe54, Anwendungsstartzeit 01c9731c347ded2a. Error - 16.01.2009 13:26:03 | Computer Name = xxx-PC | Source = RasClient | ID = 20227 Description = [ Media Center Events ] Error - 18.04.2008 11:06:30 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: Download von Paket MCESpotlight gescheitert. Error - 17.07.2008 19:18:12 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 07/18/2008 01:18:12 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 23.07.2008 13:18:50 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 07/23/2008 19:18:50 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 08.08.2008 13:24:00 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 08/08/2008 19:23:59 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 17.08.2008 13:54:01 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 08/17/2008 19:54:01 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 26.09.2008 16:34:39 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 09/26/2008 22:34:39 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. Error - 26.09.2008 16:34:40 | Computer Name = xxx-PC | Source = Recording | ID = 19 Description = Der Aufzeichnungszeitplan war beschädigt und wurde am 09/26/2008 22:34:40 automatisch gelöscht. Möglicherweise müssen Sie die Aufzeichnungen erneut planen. [ System Events ] Error - 27.07.2010 09:25:26 | Computer Name = xxx-PC | Source = disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 27.07.2010 09:25:26 | Computer Name = xxx-PC | Source = disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 27.07.2010 09:25:26 | Computer Name = xxx-PC | Source = disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 27.07.2010 09:25:26 | Computer Name = xxx-PC | Source = disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 27.07.2010 09:25:26 | Computer Name = xxx-PC | Source = disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 27.07.2010 09:26:20 | Computer Name = xxx-PC | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease 192.168.1.51 für die Netzwerkkarte mit der Netzwerkadresse 0015AF1E0F0B wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 27.07.2010 09:26:50 | Computer Name = xxx-PC | Source = LPDSVC | ID = 4000 Description = Error - 27.07.2010 09:27:10 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.07.2010 09:27:10 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.07.2010 09:56:51 | Computer Name = xxx-PC | Source = DCOM | ID = 10010 Description = < End of report > |
29.07.2010, 13:47 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Notebook sehr langsam, hab mir wohl was eingefangenZitat:
Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr. Für Dich geht es hier weiter => Neuaufsetzen des Systems Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken. Danach nie wieder sowas anrühren!
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Notebook sehr langsam, hab mir wohl was eingefangen |
adobe, agere systems, bho, cdburnerxp, computer, defender, excel, firefox, google, hijack, internet, internet explorer, kaspersky, langsam, local\temp, logfile, monitor, mozilla, object, plug-in, rojaner gefunden, rundll, security, sehr langsam, software, tastatur, temp, trojaner, trojaner gefunden, vista, windows |