Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Windows Dienste funktionieren nicht, keine Internetverbindung möglich

Windows Dienste funktionieren nicht, keine Internetverbindung möglich


Plagegeister aller Art und deren Bekämpfung: Windows Dienste funktionieren nicht, keine Internetverbindung möglich

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.09.2010, 23:23   #1
an123
 
Windows Dienste funktionieren nicht, keine Internetverbindung möglich - Standard

Windows Dienste funktionieren nicht, keine Internetverbindung möglich


Guten Abend,

ich möchte um Rat für die Lösung folgender Probleme bitten, die seit heute Morgen auf meinem Desktop bestehen:

-das System bootet extrem langsam
-eine Internetverbindung lässt sich nicht herstellen
-viele Windowsdienste können nicht gestartet werden, z.b. Netzwerk- und Freigabecenter, Windows Firewall, Windows Update, etc.
-keine Systemwiederherstellung möglich

Folgende Maßnahmen habe ich bisher durchgeführt:

-Vollständiger Systemscan mit Avira Antivir Personal: kein Fund!
-cmd.exe mit sfc /scannow: keine Integritätsverletzung gefunden!
-highjackthis, otl und GMER durchlaufen lassen, logs folgen.
-Systemwiederherstellung mit verschiedenen Wiederherstellungspunkten fehlgeschlagen.

Für Hilfe und Anleitungen zur Problemlösung wäre ich sehr dankbar.
Mit freundlichen Grüßen

Code:
ATTFilter
OTL logfile created on: 28.09.2010 23:24:05 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 688,54 Gb Total Space | 543,48 Gb Free Space | 78,93% Space Free | Partition Type: NTFS
Drive D: | 10,10 Gb Total Space | 1,38 Gb Free Space | 13,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FontCache) -- C:\WINDOWS\System32\FntCache.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PcdrNdisuio) -- C:\Windows\System32\DRIVERS\pcdrndisuio.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (acedrv11) -- C:\WINDOWS\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (igfx) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (netr73) -- C:\WINDOWS\System32\drivers\netr73.sys (Ralink Technology, Corp.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HCW85BDA) -- C:\WINDOWS\System32\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV - (RtNdPt60) -- C:\WINDOWS\System32\drivers\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (PDNMp50) -- C:\WINDOWS\System32\drivers\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\WINDOWS\System32\drivers\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (w810bus) Sony Ericsson W810 Driver driver (WDM) -- C:\WINDOWS\System32\drivers\w810bus.sys (MCCI)
DRV - (Ps2) -- C:\WINDOWS\System32\drivers\PS2.sys (Hewlett-Packard Company)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.05.26 22:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 15:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.16 15:11:58 | 000,000,000 | ---D | M]
 
[2009.11.05 18:49:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.09.27 19:19:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1ajscmj5.default\extensions
[2010.05.07 15:14:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1ajscmj5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.07 15:14:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\1ajscmj5.default\extensions\firebug@software.joehewitt.com
[2010.08.30 11:33:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.05 20:54:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.30 11:33:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.03.27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npContribute.dll
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPPDLicenseHelper.dll
[2010.03.17 17:43:27 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.17 17:43:27 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.17 17:43:27 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.17 17:43:27 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.17 17:43:27 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Peggle/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab (EPUImageControl Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Peggle/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} hxxp://www.popcap.com/webgames/popcaploader_v10_de.cab (PopCapLoader Object)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.12.12 22:03:52 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{49a23e54-e3da-11dd-9041-9c38debfc506}\Shell - "" = AutoRun
O33 - MountPoints2\{49a23e54-e3da-11dd-9041-9c38debfc506}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.28 23:07:31 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis204.exe
[2010.09.28 23:07:09 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.09.26 09:40:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ScreeNet iSaver
[2010.09.26 09:40:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ScreeNet iSaver
[2010.09.15 19:22:33 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Bewerbungen
[2010.09.15 14:18:59 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.09.15 10:49:38 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\ARBEITSPLATZ
[2010.09.10 09:46:00 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\button
[2010.09.09 11:54:49 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\german
[2010.09.01 13:45:35 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\alice
[2010.08.31 19:09:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Nikon
[2010.08.31 19:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Applause and Laugher
[2010.08.31 19:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Ambience
[2010.08.31 19:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\vhosts
[2010.08.30 11:33:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.30 11:33:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.30 11:33:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009.01.16 19:58:41 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\***\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.28 23:08:19 | 003,145,728 | ---- | M] () -- C:\Users\***\ntuser.dat
[2010.09.28 23:00:23 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 23:00:22 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.28 23:00:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.28 23:00:17 | 3218,350,080 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.28 22:59:26 | 000,524,288 | -HS- | M] () -- C:\Users\***\ntuser.dat{43f5bba8-01e0-11df-81a8-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010.09.28 22:59:26 | 000,065,536 | -HS- | M] () -- C:\Users\***\ntuser.dat{43f5bba8-01e0-11df-81a8-806e6f6e6963}.TM.blf
[2010.09.28 22:59:22 | 003,195,306 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.09.28 16:27:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2010.09.28 12:21:20 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\***\Desktop\HiJackThis204.exe
[2010.09.27 22:37:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.27 10:00:30 | 000,010,498 | ---- | M] () -- C:\Users\***\Documents\aachener_briefdl.docx
[2010.09.27 09:58:39 | 000,011,138 | ---- | M] () -- C:\Users\***\Documents\aachener_kabelanschluss.docx
[2010.09.26 18:05:36 | 000,014,848 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.25 14:28:56 | 005,621,767 | ---- | M] () -- C:\Users\***\Documents\reference-brochure-2010.pdf
[2010.09.22 14:02:03 | 000,010,394 | ---- | M] () -- C:\Users\***\Documents\jobcenter_briefdl.docx
[2010.09.17 09:26:10 | 000,011,136 | ---- | M] () -- C:\Users\***\Documents\betriebskosten2.docx
[2010.09.16 16:55:23 | 000,670,286 | ---- | M] () -- C:\Users\***\Desktop\auszug.jpg
[2010.09.16 16:00:36 | 000,016,765 | ---- | M] () -- C:\Users\***\Documents\anwalt_ebay.docx
[2010.09.16 07:48:30 | 000,658,433 | ---- | M] () -- C:\Users\***\Desktop\Scannen0001.jpg
[2010.09.15 23:09:40 | 000,016,748 | ---- | M] () -- C:\Users\***\Documents\anwalt_ebay2.docx
[2010.09.15 17:18:13 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdy.DAT
[2010.09.15 16:48:25 | 000,000,000 | -H-- | M] () -- C:\ProgramData\PKP_DLdw.DAT
[2010.09.15 16:48:25 | 000,000,000 | ---- | M] () -- C:\Users\***\AppData\Roaming\Sports
[2010.09.15 16:48:25 | 000,000,000 | ---- | M] () -- C:\ProgramData\Speech Enhancer
[2010.09.15 16:48:25 | 000,000,000 | ---- | M] () -- C:\ProgramData\Smooth Strings
[2010.09.14 18:34:37 | 000,001,802 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2010.09.13 07:48:08 | 001,230,477 | ---- | M] () -- C:\Users\***\Desktop\Bewerbungsfoto.JPG
[2010.09.13 06:57:38 | 000,011,668 | ---- | M] () -- C:\Users\***\Documents\bewerbungen.docx
[2010.09.12 19:26:28 | 000,001,456 | ---- | M] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.09.12 15:34:50 | 000,415,767 | ---- | M] () -- C:\Users\***\Documents\lebenslauf.pdf
[2010.09.09 17:17:35 | 000,000,111 | ---- | M] () -- C:\Windows\telephon.ini
[2010.09.06 15:19:47 | 000,010,332 | ---- | M] () -- C:\Users\***\Documents\jobcenter_briefc6.docx
[2010.09.06 15:02:25 | 000,011,054 | ---- | M] () -- C:\Users\***\Documents\betriebskosten.docx
[2010.08.31 19:09:41 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2010.08.31 19:08:25 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2010.08.31 19:08:13 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Super Strings
[2010.08.31 19:08:13 | 000,000,268 | RH-- | M] () -- C:\Users\***\AppData\Roaming\String Comparison
[2010.08.31 19:08:13 | 000,000,268 | RH-- | M] () -- C:\Users\***\AppData\Roaming\Stingers
[2010.08.31 19:08:13 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLev.DAT
[2010.08.31 19:08:13 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLes.DAT
[2010.08.31 19:08:12 | 000,000,268 | RH-- | M] () -- C:\ProgramData\Strings
[2010.08.31 19:08:12 | 000,000,268 | RH-- | M] () -- C:\Users\***\AppData\Roaming\StatusSheet
[2010.08.31 10:43:08 | 000,011,611 | ---- | M] () -- C:\Users\***\Documents\Barbara Ullman1.docx  jobcenter.docx
[2010.08.30 16:44:15 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.27 09:59:09 | 000,010,498 | ---- | C] () -- C:\Users\***\Documents\aachener_briefdl.docx
[2010.09.27 09:58:38 | 000,011,138 | ---- | C] () -- C:\Users\***\Documents\aachener_kabelanschluss.docx
[2010.09.25 14:28:56 | 005,621,767 | ---- | C] () -- C:\Users\***\Documents\reference-brochure-2010.pdf
[2010.09.22 14:02:02 | 000,010,394 | ---- | C] () -- C:\Users\***\Documents\jobcenter_briefdl.docx
[2010.09.17 09:18:42 | 000,011,136 | ---- | C] () -- C:\Users\***\Documents\betriebskosten2.docx
[2010.09.16 16:50:56 | 000,670,286 | ---- | C] () -- C:\Users\***\Desktop\auszug.jpg
[2010.09.15 19:27:22 | 000,016,748 | ---- | C] () -- C:\Users\***\Documents\anwalt_ebay2.docx
[2010.09.15 16:48:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\Speech Enhancer
[2010.09.15 16:48:25 | 000,000,000 | ---- | C] () -- C:\ProgramData\Smooth Strings
[2010.09.13 07:46:51 | 001,230,477 | ---- | C] () -- C:\Users\***\Desktop\Bewerbungsfoto.JPG
[2010.09.13 06:57:37 | 000,011,668 | ---- | C] () -- C:\Users\***\Documents\bewerbungen.docx
[2010.09.12 21:55:09 | 000,658,433 | ---- | C] () -- C:\Users\***\Desktop\Scannen0001.jpg
[2010.09.12 15:34:50 | 000,415,767 | ---- | C] () -- C:\Users\***\Documents\lebenslauf.pdf
[2010.09.11 20:26:20 | 000,016,765 | ---- | C] () -- C:\Users\***\Documents\anwalt_ebay.docx
[2010.09.09 17:17:35 | 000,000,111 | ---- | C] () -- C:\Windows\telephon.ini
[2010.09.09 13:31:05 | 000,001,456 | ---- | C] () -- C:\Users\***\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.09.06 15:19:47 | 000,010,332 | ---- | C] () -- C:\Users\***\Documents\jobcenter_briefc6.docx
[2010.09.06 14:58:38 | 000,011,054 | ---- | C] () -- C:\Users\***\Documents\betriebskosten.docx
[2010.08.31 19:08:25 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[2010.08.31 19:08:13 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Super Strings
[2010.08.31 19:08:13 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\String Comparison
[2010.08.31 19:08:13 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\Stingers
[2010.08.31 19:08:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2010.08.31 19:08:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2010.08.31 19:08:12 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Strings
[2010.08.31 19:08:12 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\StatusSheet
[2010.08.31 19:08:12 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2010.08.31 10:37:01 | 000,011,611 | ---- | C] () -- C:\Users\***\Documents\Barbara Ullman1.docx  jobcenter.docx
[2010.08.03 11:33:03 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Stingers
[2010.08.03 11:33:03 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\Standard Tool
[2010.08.03 11:31:12 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdy.DAT
[2010.07.15 17:53:23 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010.07.15 17:53:23 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\Sports
[2010.07.15 17:51:37 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Standard Tool
[2010.07.15 17:51:37 | 000,000,268 | RH-- | C] () -- C:\Users\***\AppData\Roaming\Specifications
[2010.07.15 17:51:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010.05.31 22:09:07 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Local\PUTTY.RND
[2009.06.03 18:29:18 | 000,000,046 | ---- | C] () -- C:\Windows\PCCT.INI
[2009.06.03 18:13:05 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.06.03 18:12:37 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.05.27 18:01:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.14 18:19:42 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{da73ac2f-4095-11de-b27d-bf7f517b369e}.TMContainer00000000000000000002.regtrans-ms
[2009.05.14 18:19:42 | 000,524,288 | -HS- | C] () -- C:\ProgramData\ntuser.dat{da73ac2f-4095-11de-b27d-bf7f517b369e}.TMContainer00000000000000000001.regtrans-ms
[2009.05.14 18:19:42 | 000,262,144 | ---- | C] () -- C:\ProgramData\ntuser.dat
[2009.05.14 18:19:42 | 000,065,536 | -HS- | C] () -- C:\ProgramData\ntuser.dat{da73ac2f-4095-11de-b27d-bf7f517b369e}.TM.blf
[2009.05.14 18:19:42 | 000,005,120 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG1
[2009.05.14 18:19:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\ntuser.dat.LOG2
[2009.01.16 19:59:31 | 000,000,033 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.log
[2009.01.16 19:58:41 | 000,087,608 | ---- | C] () -- C:\Users\***\AppData\Roaming\inst.exe
[2009.01.16 19:58:41 | 000,007,887 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.cat
[2009.01.16 19:58:41 | 000,001,144 | ---- | C] () -- C:\Users\***\AppData\Roaming\pcouffin.inf
[2008.10.02 13:09:05 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008.06.28 13:25:24 | 000,014,848 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.28 20:33:48 | 000,001,802 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2008.05.09 09:32:50 | 001,869,020 | ---- | C] () -- C:\Windows\System32\RSA32_16.DLL
[2008.05.08 20:42:41 | 000,002,032 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2008.03.25 17:56:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2008.03.04 18:52:34 | 000,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007.12.12 21:57:56 | 000,002,963 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007.12.12 21:54:34 | 000,003,758 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2007.12.12 21:54:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2007.12.12 21:42:25 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007.12.12 21:42:25 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007.10.31 09:39:54 | 000,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007.05.17 13:58:10 | 000,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.07.01 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.09.24 16:03:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2009.06.03 18:14:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2009.04.13 12:22:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2010.07.15 21:40:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nikon
[2009.10.18 11:21:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2009.06.03 18:01:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDisc
[2010.01.19 19:18:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2010.09.26 09:40:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ScreeNet iSaver
[2008.05.28 22:04:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SpinTop
[2010.05.26 22:49:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009.03.24 21:27:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2008.06.27 17:32:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Teleca
[2008.05.28 20:34:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2009.06.02 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thies Gerken
[2009.03.24 21:07:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.07.31 16:04:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Vso
[2008.05.08 20:19:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinBatch
[2010.09.27 22:37:16 | 000,032,534 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B8AF0F0F
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:E35A81F4
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:D2C51E3D
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:1AE68282
< End of report >
Code:
ATTFilter
OTL Extras logfile created on: 28.09.2010 23:24:05 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 688,54 Gb Total Space | 543,48 Gb Free Space | 78,93% Space Free | Partition Type: NTFS
Drive D: | 10,10 Gb Total Space | 1,38 Gb Free Space | 13,65% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1847F71B-2FAE-4FA4-A9EA-402D785F118C}" = lport=139 | protocol=6 | dir=in | app=system | 
"{209ED1EA-0DD5-458F-B625-29201437CE6D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{30C59CD1-F4DA-4E73-80B3-ED7E2E01CAAA}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3D8D576E-8758-41A0-8075-56F0447E0041}" = lport=138 | protocol=17 | dir=in | app=system | 
"{437F064F-55AE-4543-9DB0-3975E5B0F77A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4A4A2B59-3A7F-4831-895F-769F42048831}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{57183347-21B1-49DF-BA54-8DA509C21606}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{70D704E5-A243-41A1-B092-CECA0B69C1E3}" = lport=49169 | protocol=6 | dir=in | name=akamai netsession interface | 
"{75FDF4DC-C985-4C49-83A7-23F76FFAA1FF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{9417C674-250C-4967-BCAF-F55EAA9BA8AF}" = rport=445 | protocol=6 | dir=out | app=system | 
"{CE522DAC-0132-42EE-A728-44A39CA88840}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DB994D2F-5A32-4B54-8547-A21F66FB2D1E}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E02479E2-D8A7-4326-BE2B-25B7EB70DF1D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1AC8A79A-98DC-41DE-9FA9-43B4F87A2587}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{229B094F-9640-4758-B638-995FC1268B37}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{2CB2AF92-330E-4080-B3D4-59B695F53FB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5C381146-2D0C-4159-9A94-7DB34B872FBD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{7091A608-9F5F-464B-8495-5DF58EE15F79}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A4AAAC66-B600-4908-A69D-80A2B8C15F41}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B3E9C747-5864-462B-ACCE-73308A195ACA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B421620D-3E2D-4D40-A4B5-0243942BA896}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{E7303157-170E-4F15-9FA3-6B428E5BD533}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{1FF98999-3102-45EA-9000-F1B543E06DA1}C:\program files\spectracal\pattern generator\patgen.exe" = protocol=6 | dir=in | app=c:\program files\spectracal\pattern generator\patgen.exe | 
"TCP Query User{518B6B35-B335-45FD-96BC-C2B3D426FD65}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe | 
"TCP Query User{AC35CBA3-2129-466B-8A0F-6B2CB9B0CD5F}C:\program files\spectracal\pattern generator\patgen.exe" = protocol=6 | dir=in | app=c:\program files\spectracal\pattern generator\patgen.exe | 
"UDP Query User{0CEA07D4-498B-4094-9148-10ED5FC113BB}C:\program files\spectracal\pattern generator\patgen.exe" = protocol=17 | dir=in | app=c:\program files\spectracal\pattern generator\patgen.exe | 
"UDP Query User{D4A09DE1-D33D-4782-A20A-0F74710C3F6D}C:\program files\adobe\adobe flash builder 4\flashbuilder.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe flash builder 4\flashbuilder.exe | 
"UDP Query User{D4B50DB5-E490-491A-8DD2-4728D80C0046}C:\program files\spectracal\pattern generator\patgen.exe" = protocol=17 | dir=in | app=c:\program files\spectracal\pattern generator\patgen.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3581a349-e9e0-474b-92c4-5d887eb9d5f4}" = DJ_SF_03_D2500_Software
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4a1789a1-33fd-427e-9027-dec4d7fe8fa5}" = D2500
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5680dfaf-b87b-455b-a0b1-0c77eb0b03ca}" = DJ_SF_03_D2500_Software_Min
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ac55e361-642f-46af-81f5-1c69fedb6706}" = DJ_SF_03_D2500_ProductContext
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_934" = Adobe Acrobat 9.3.4 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c6d55c99-0700-44f6-8c46-3a0a14ee3d4c}" = D2500_Help
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EE531675-A09C-51DD-F356-ECA9D6857039}" = Adobe Community Help
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FAC36425-4266-4DE4-9CB5-68FB4FB9385A}" = CalMAN Pattern Generator
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alice" = Alice-Installationsdateien entfernen
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.3.4.1
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25180)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnose Tools
"Protect Disc License Helper" = Protect Disc License Helper 1.0.118
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"TuneUp Utilities" = TuneUp Utilities
"WinRAR archiver" = WinRAR
 
========== Last 10 Event Log Errors ==========
 
Error: Unable to start EventLog service!
 
< End of report >
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:38:52, on 28.09.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Users\***\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {0124123D-61B4-456f-AF86-78C53A0790C5} - (no file)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Peggle/Images/stg_drm.ocx
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - hxxp://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-24-0.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldde-de.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Peggle/Images/armhelper.ocx
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - hxxp://www.popcap.com/webgames/popcaploader_v10_de.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7194 bytes
Code:
ATTFilter
GMER 1.0.15.14966 - hxxp://www.gmer.net
Rootkit scan 2010-09-28 22:52:49
Windows 6.0.6002 Service Pack 2


---- Kernel code sections - GMER 1.0.15 ----

PAGE            spsys.sys!?SPVersion@@3PADA + 1ABF                                                                   9F06D03F 110 Bytes  [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 1B2F                                                                   9F06D0AF 1 Byte  [16]
PAGE            spsys.sys!?SPVersion@@3PADA + 1B2F                                                                   9F06D0AF 128 Bytes  [16, 3B, C8, 75, E2, B0, 01, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 1BB0                                                                   9F06D130 6 Bytes  [0E, 83, 78, 14, 01, 75]
PAGE            spsys.sys!?SPVersion@@3PADA + 1BB7                                                                   9F06D137 2298 Bytes  [83, 78, 18, 37, 75, 02, B3, ...]
PAGE            ...                                                                                                  

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusShutdown]                [747C7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCloneImage]                 [7481A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDrawImageRectI]             [747CBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetInterpolationMode]       [747BF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusStartup]                 [747C75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateFromHDC]              [747BE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStreamICM]  [747F8395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStream]     [747CDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageHeight]             [747BFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageWidth]              [747BFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDisposeImage]               [747B71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFileICM]       [7484CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFile]          [747EC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDeleteGraphics]             [747BD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipFree]                       [747B6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipAlloc]                      [747B687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\explorer.exe[2548] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetCompositingMode]         [747C2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                                             fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat              0xDA 0x95 0xA4 0x5D ...

---- Files - GMER 1.0.15 ----

File            C:\WINDOWS\System32\LogFiles\Scm\SCM.EVM                                                             (size mismatch) 12877824/3932160 bytes
File            C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl                                 (size mismatch) 98848/98696 bytes
File            C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl                                   (size mismatch) 700720/699928 bytes
File            C:\WINDOWS\System32\LogFiles\WUDF\WUDFTrace.etl                                                      (size mismatch) 36864/24576 bytes
File            C:\WINDOWS\System32\WDI\LogFiles\WdiContextLog.etl.002                                               (size mismatch) 770048/655360 bytes

---- EOF - GMER 1.0.15 ----

 

Themen zu Windows Dienste funktionieren nicht, keine Internetverbindung möglich
0 bytes, 32 bit, akamai, alternate, antivir, antivir guard, anwalt, avgntflt.sys, avira, bho, components, corp./icp, desktop, error, excel.exe, firefox, flash player, hijack, hijackthis, home, home premium, iastor.sys, install.exe, kein fund, keine internetverbindung, location, logfile, maßnahme, media center, microsoft office word, mozilla, nvlddmkm.sys, nvstor.sys, object, office 2007, oldtimer, otl logfile, otl.exe, plug-in, programdata, realtek, registry, rundll, sched.exe, searchplugins, security, security update, senden, sfc /scannow, shell32.dll, software, super, system, vista, windows


« IE 7 startet ztw. einen Virenscanner mit dem Hinweis, es seien Viren vorhanden. | Dlan Internetgeschwindigkeitsproblem »


Ähnliche Themen: Windows Dienste funktionieren nicht, keine Internetverbindung möglich


  1. Restart nachdem keine Internetverbindung möglich war und dann laufen irgendwelche Updates
    Plagegeister aller Art und deren Bekämpfung - 15.12.2015 (13)
  2. Windows 8.1: Proxyserver eingetragen - keine Internetverbindung möglich
    Plagegeister aller Art und deren Bekämpfung - 02.03.2015 (11)
  3. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  4. Browser keine Internetverbindung, andere Programme sind verbunden und funktionieren
    Plagegeister aller Art und deren Bekämpfung - 26.11.2014 (7)
  5. Browser keine Internetverbindung, andere Programme sind verbunden und funktionieren (Windows 7)
    Alles rund um Windows - 23.11.2014 (3)
  6. Nach Avira Update keine Internetverbindung mehr möglich
    Antiviren-, Firewall- und andere Schutzprogramme - 14.08.2014 (2)
  7. Windows nach Virus neu aufgelegt und keine Internetverbindung (für mich) möglich
    Netzwerk und Hardware - 12.10.2013 (6)
  8. Browser können keine Verbindung anzeigen aber ping und andere Dienste ins Netz funktionieren
    Log-Analyse und Auswertung - 25.02.2013 (9)
  9. Avira findet ATRAPS.GEN und keine Internetverbindung möglich
    Log-Analyse und Auswertung - 17.05.2012 (6)
  10. Trotz Internetverbindung keine Verbindung zu bestimmten Seiten möglich
    Alles rund um Windows - 15.01.2012 (4)
  11. Keine Internetverbindung mehr möglich nach löschen von Trojaner
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (1)
  12. Keine Internetverbindung mehr möglich
    Log-Analyse und Auswertung - 02.06.2010 (0)
  13. Fast alle Dienste deaktiviert! keine Aktivierungen mehr möglich...
    Plagegeister aller Art und deren Bekämpfung - 23.04.2010 (0)
  14. Anti-Spyware Programme werden geblockt, viele Dienste funktionieren nicht
    Plagegeister aller Art und deren Bekämpfung - 18.04.2010 (3)
  15. Internetverbindung extrem langsam / keine Updates möglich
    Log-Analyse und Auswertung - 03.01.2009 (1)
  16. windows dienste abgeschaltet -> keine verbindung zu ISDN-Anlage mehr möglich
    Antiviren-, Firewall- und andere Schutzprogramme - 24.02.2005 (1)
  17. Keine Datenübermittlung trotz Internetverbindung möglich
    Netzwerk und Hardware - 25.10.2003 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows Dienste funktionieren nicht, keine Internetverbindung möglich - Guten Abend, ich möchte um Rat für die Lösung folgender Probleme bitten, die seit heute Morgen auf meinem Desktop bestehen: -das System bootet extrem langsam -eine Internetverbindung lässt sich nicht - Windows Dienste funktionieren nicht, keine Internetverbindung möglich...
Archiv
Du betrachtest: Windows Dienste funktionieren nicht, keine Internetverbindung möglich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19