| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virusbefall? Windows startet nicht richtig "Problembericht senden"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.10.2010, 19:25
| #1 |
| |  Virusbefall? Windows startet nicht richtig "Problembericht senden" Hallo miteinander, ich habe folgendes Problem. Wenn ich meinen PC starte, dauert dies sehr lange. Nach einer gewissen Zeit gehen dann von mindestens 10 verschiedenen Programmen die "Problembericht senden"-Fenster auf. Wenn ich mich hier dann mal durchgeklickt habe, geht der PC irgendwann ganz normal, bis ich ihn wieder runterfahren will. Dann kommt bei mindestens 10 Programmen "Programm reagiert nicht" ich kann es dann nur über den "sofort beenden"-Button schließen. Somit dauert auch das PC runterfahren seine Zeit. Ich habe nun schon Anti-Malware, Stinger und OTL drüber laufen lassen. Es wurde nichts gefunden. Eine Zeit lang wurde der PC auch sofort wieder heruntergefahren "NT-Autorität System" diesen Wurm konnte ich aber meiner Meinung nach entfernen, da dieses Fenster nicht mehr aufgeht. Habt ihr eine Idee was das sein könnte? Hilft da nur noch formatieren oder habt ihr andere Ideen. Danke schonmal im voraus |
|
15.10.2010, 20:30
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Virusbefall? Windows startet nicht richtig "Problembericht senden"Zitat:
 Es könnten auch Hardwareprobleme sein. Ich würde vorschlagen, Du postest erstmal OTL-Logs und dann segen wir weiter: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
17.10.2010, 20:09
| #3 |
| | Virusbefall? Windows startet nicht richtig "Problembericht senden" hi, danke erst mal.
__________________hier die Log-File:OTL Logfile: Code:
ATTFilter OTL logfile created on: 17.10.2010 21:01:56 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Dokumente und Einstellungen\Jens Müller\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 146,36 Gb Total Space | 93,41 Gb Free Space | 63,82% Space Free | Partition Type: NTFS Drive D: | 298,01 Gb Total Space | 298,00 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Drive E: | 146,81 Gb Total Space | 146,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Drive F: | 1,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 2,29 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 1,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive M: | 3,82 Gb Total Space | 3,68 Gb Free Space | 96,28% Space Free | Partition Type: FAT32 Computer Name: ACER-2C36AE85EB | User Name: Jens Müller | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Jens Müller\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Winamp\winampa.exe () PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) PRC - C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe () PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe (Symantec Corporation) PRC - C:\Programme\WebcamMax\wcmmon.exe () PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Norton AntiVirus\IWP\NPFMNTOR.EXE (Symantec Corporation) PRC - C:\Programme\Norton AntiVirus\NAVAPSVC.EXE (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCSETMGR.EXE (Symantec Corporation) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCEVTMGR.EXE (Symantec Corporation) PRC - C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE (Symantec Corporation) PRC - C:\Programme\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) PRC - C:\WINDOWS\system32\SysMonitor.exe ( ) PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.) PRC - C:\Programme\Acer WLAN 11g USB Dongle\ZDWlan.exe (X-Micro Technology Corp.) PRC - C:\WINDOWS\Vm_sti.exe (Vimicro) PRC - C:\Programme\D-Link\Air USB Utility\AirCFG.exe (D-Link) PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (America Online, Inc) PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Jens Müller\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\mlang.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\winsta.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\wtsapi32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe File not found SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_0.EXE (Symantec Corporation) SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation) SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) SRV - (Symantec Core LC) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe () SRV - (SNDSrvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (NPFMntor) -- C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe (Symantec Corporation) SRV - (navapsvc) -- C:\Programme\Norton AntiVirus\navapsvc.exe (Symantec Corporation) SRV - (LiveUpdate Notice Service) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) SRV - (ccSetMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (NSCService) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE (Symantec Corporation) SRV - (Boonty Games) -- C:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe (BOONTY) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SPBBCSvc) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe (Acer Inc.) SRV - (SAVScan) -- C:\Programme\Norton AntiVirus\SAVScan.exe (Symantec Corporation) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.) ========== Driver Services (SafeList) ========== DRV - (SetupNTGLM7X) -- G:\NTGLM7X.sys File not found DRV - (NTACCESS) -- G:\NTACCESS.sys File not found DRV - (MSICPL) -- G:\install4\MSICPL.sys File not found DRV - (ManyCam) -- C:\WINDOWS\System32\DRIVERS\ManyCam.sys File not found DRV - (GMSIPCI) -- G:\INSTALL\GMSIPCI.SYS File not found DRV - (EraserUtilDrv10822) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrv10822.sys File not found DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found DRV - (SYMIDSCO) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SymcData\ids-diskless\20101013.001\SymIDSCo.sys (Symantec Corporation) DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation) DRV - (wimmount) -- C:\WINDOWS\system32\drivers\wimmount.sys (Microsoft Corporation) DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys () DRV - (avgntflt) -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH) DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.) DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys () DRV - (CamthWDM) -- C:\WINDOWS\system32\drivers\CamthWDM.sys (YewSoft) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS (Symantec Corporation) DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS (Symantec Corporation) DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS (Symantec Corporation) DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS (Symantec Corporation) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.) DRV - (NAVEX15) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20061226.017\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20061226.017\NAVENG.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (symlcbrd) -- C:\WINDOWS\system32\drivers\symlcbrd.sys (Symantec Corporation) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider) DRV - (Hauppauge WinTV-HVR-1110) -- C:\WINDOWS\system32\drivers\HVR1110.sys (Hauppauge Computer Works Co.) DRV - (SPBBCDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (NTIDrvr) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV - (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys (ZyDAS Technology Corporation) DRV - (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS) -- C:\WINDOWS\system32\drivers\ZD1211U.sys (ZyDAS Technology Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (SAVRTPEL) -- C:\Programme\Norton AntiVirus\Savrtpel.sys (Symantec Corporation) DRV - (SAVRT) -- C:\Programme\Norton AntiVirus\savrt.sys (Symantec Corporation) DRV - (IrBus) -- C:\WINDOWS\system32\drivers\irbus.sys (Microsoft Corporation) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (int15.sys) -- C:\Acer\Empowering Technology\eRecovery\int15.sys () DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\Hdaudio.sys (Windows (R) Server 2003 DDK provider) DRV - (UBHelper) -- C:\WINDOWS\System32\drivers\UBHelper.sys () DRV - (m5287) -- C:\WINDOWS\system32\drivers\m5287.sys (ULi Electronics Inc.) DRV - (ZSMC301b) -- C:\WINDOWS\system32\drivers\usbVM31b.sys (VM) DRV - (ZDPSp50) -- C:\WINDOWS\system32\drivers\ZDPSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation) DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation) DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation) DRV - (USBCM) -- C:\WINDOWS\system32\drivers\Sacm2A.sys ( ) DRV - (PRISM_USB) -- C:\WINDOWS\system32\drivers\PRISMUSB.sys (GlobespanVirata, Inc.) DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = WEB.DE - E-Mail - Suche - DSL - De-Mail - Shopping - Entertainment IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: alaplaya@chibisuke:0.1.2 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=" FF - prefs.js..network.proxy.type: 4 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.09.23 22:22:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.09.18 17:58:26 | 000,000,000 | ---D | M] [2010.03.22 22:17:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Extensions [2010.10.17 19:25:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions [2010.06.15 18:16:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2006.11.04 14:29:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.09.18 18:04:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.07.23 11:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.03.30 13:28:49 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2008.08.20 11:28:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\extensions\alaplaya@chibisuke [2010.10.15 17:00:15 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-1.xml [2010.04.04 22:17:30 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-2.xml [2010.04.04 22:21:43 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-3.xml [2010.06.28 09:45:24 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-4.xml [2010.07.22 21:19:18 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-5.xml [2010.07.31 18:21:27 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-6.xml [2010.09.10 17:12:00 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-7.xml [2010.09.18 17:58:38 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin-8.xml [2010.08.01 16:24:42 | 000,000,168 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin.gif [2010.08.01 16:24:42 | 000,000,618 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin.src [2010.03.30 13:38:51 | 000,000,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\icqplugin.xml [2010.02.17 19:39:14 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Mozilla\Firefox\Profiles\8dsgcw3y.default\searchplugins\sweetim.xml [2010.10.17 19:25:41 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2007.01.27 20:54:12 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2009.07.14 18:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.03.17 22:54:36 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2007.06.14 22:05:53 | 000,000,000 | ---D | M] (WhenU) -- C:\Programme\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34} [2010.05.30 19:49:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.05.30 19:48:47 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.07.22 21:18:49 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.07.22 21:18:50 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.07.22 21:18:50 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.07.22 21:18:50 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.07.22 21:18:50 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.10 21:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Burn4Free Toolbar Helper) - {60BF5EE3-0105-4858-AD98-17C19F86B042} - C:\Programme\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll () O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Programme\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll () O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Programme\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe ( ) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (America Online, Inc) O4 - HKLM..\Run: [avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE (Vimicro) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [D-Link Air USB Utility] C:\Programme\D-Link\Air USB Utility\AirCFG.exe (D-Link) O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-140] C:\Programme\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe (D-Link) O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.) O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKLM..\Run: [WebcamMaxMoniter] C:\Programme\WebcamMax\wcmmon.exe () O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe () O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe File not found O4 - HKCU..\Run: [EA Core] C:\Programme\Electronic Arts\EADM\Core.exe File not found O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [RGSC] C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer WLAN 11g USB Dongle.lnk = C:\Programme\Acer WLAN 11g USB Dongle\ZDWlan.exe (X-Micro Technology Corp.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe File not found O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.pe.studivz.net/photouploader/ImageUploader4.cab?nocache=20080128-1 (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Java Plug-in 1.5.0_05) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.11.02 02:28:06 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009.07.05 20:37:13 | 000,003,504 | ---- | M] () - C:\AutoRun_Log(0000).txt -- [ NTFS ] O32 - AutoRun File - [2009.08.16 13:32:48 | 000,001,918 | ---- | M] () - C:\AutoRun_Log(0001).txt -- [ NTFS ] O32 - AutoRun File - [2009.08.26 19:52:46 | 000,001,918 | ---- | M] () - C:\AutoRun_Log(0002).txt -- [ NTFS ] O32 - AutoRun File - [2010.05.02 19:57:20 | 000,001,918 | ---- | M] () - C:\AutoRun_Log(0003).txt -- [ NTFS ] O32 - AutoRun File - [2009.06.10 23:44:18 | 000,000,049 | R--- | M] () - F:\AutoRun.inf -- [ UDF ] O32 - AutoRun File - [2009.07.14 13:08:11 | 000,000,043 | R--- | M] () - G:\autorun.inf -- [ UDF ] O33 - MountPoints2\{4a4ab26e-6965-11de-84b6-00038a000015}\Shell - "" = AutoRun O33 - MountPoints2\{4a4ab26e-6965-11de-84b6-00038a000015}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{4a4ab26e-6965-11de-84b6-00038a000015}\Shell\AutoRun\command - "" = N:\USBAutoRun.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.16 23:43:31 | 000,000,000 | ---D | C] -- C:\Programme\Lavalys [2010.10.16 22:05:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jens Müller\Eigene Dateien\Downloads [2010.10.16 21:56:59 | 000,000,000 | ---D | C] -- C:\Programme\Windows Imaging [2010.10.16 21:54:43 | 000,000,000 | ---D | C] -- C:\Programme\Windows OPK [2010.10.15 17:03:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\ManyCam [2010.10.12 20:13:25 | 000,000,000 | ---D | C] -- C:\UpdatePack-Files [2010.10.11 20:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [2010.10.09 15:17:34 | 000,000,000 | ---D | C] -- C:\DBControl [2010.10.09 15:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DBControl [2010.10.09 15:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DBControl [2010.10.09 15:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\DBControl [2009.10.10 14:58:53 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys [2006.09.29 20:35:41 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.17 19:09:51 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk [2010.10.17 18:58:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.10.17 18:58:11 | 2146,881,536 | -HS- | M] () -- C:\hiberfil.sys [2010.10.17 00:23:18 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2010.10.17 00:03:03 | 000,002,544 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2010.10.17 00:03:03 | 000,001,890 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2010.10.16 23:43:35 | 000,000,751 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Desktop\EVEREST Home Edition.lnk [2010.10.16 18:18:54 | 000,062,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.16 14:16:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.10.15 17:12:01 | 000,000,301 | ---- | M] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\DelUnist.bat [2010.10.13 19:22:37 | 000,320,336 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.10.09 15:16:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.10.01 20:04:57 | 000,000,586 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Vollständige Systemprüfung ausführen - Jens Müller.job [2010.09.29 18:10:26 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Jens Müller.job [2010.09.29 18:00:01 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan.job [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.16 23:43:35 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Desktop\EVEREST Home Edition.lnk [2010.10.16 21:37:36 | 000,002,544 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2010.10.16 21:37:36 | 000,001,890 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2010.10.15 17:12:01 | 000,000,301 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\DelUnist.bat [2010.10.12 19:51:34 | 2146,881,536 | -HS- | C] () -- C:\hiberfil.sys [2010.10.09 15:17:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.10.09 15:17:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.10.09 15:17:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\googleupdate.log [2010.04.04 21:16:18 | 000,000,860 | ---- | C] () -- C:\WINDOWS\ATICIM.INI [2010.01.17 20:40:40 | 000,000,073 | -HS- | C] () -- C:\WINDOWS\System32\SYSDRV004.SYS [2010.01.17 20:40:36 | 000,000,422 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\Karaoke-Sing-n-Burn.INI [2010.01.17 20:40:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\System32\SYSTMBXNDRV.SYS [2009.10.11 19:19:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll [2009.10.10 14:58:54 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys [2009.07.05 20:37:27 | 000,221,291 | ---- | C] () -- C:\WINDOWS\Imei_dll.dll [2009.07.05 20:37:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\Sublock.dll [2008.12.04 23:19:04 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll [2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008.07.23 18:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008.07.23 18:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2008.04.30 19:05:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini [2008.04.30 18:54:36 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll [2008.04.30 18:54:31 | 000,266,240 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll [2008.04.30 18:54:31 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll [2008.04.30 18:54:31 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll [2008.04.30 18:54:30 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys [2008.04.30 18:54:30 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys [2008.01.26 00:42:32 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat [2008.01.13 18:05:40 | 000,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2008.01.02 16:57:00 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\PnkBstrK.sys [2007.11.30 18:31:11 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2007.11.13 14:13:39 | 000,006,537 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2007.11.10 20:51:40 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007.06.19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll [2007.05.18 16:36:25 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2007.05.18 16:29:06 | 000,000,745 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log [2007.04.20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2007.04.20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2007.01.17 21:23:38 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\miccyhook.dll [2007.01.07 17:30:12 | 000,000,067 | ---- | C] () -- C:\WINDOWS\StationRipper.INI [2006.12.29 13:27:07 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html [2006.12.22 12:49:02 | 000,000,009 | ---- | C] () -- C:\WINDOWS\nfsc_patch.ini [2006.11.11 13:01:50 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.10.09 21:20:14 | 000,062,976 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.09.30 10:19:21 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Anwendungsdaten\wklnhst.dat [2006.09.29 23:44:22 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2006.09.29 20:35:41 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll [2006.09.29 20:34:57 | 000,006,212 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI [2006.09.29 20:26:25 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.09.22 22:49:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\HCW34Co.dll [2006.09.22 22:49:01 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006.09.22 22:49:01 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006.09.22 22:48:59 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006.09.22 22:48:58 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2006.09.22 22:48:57 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006.09.22 22:48:57 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll [2006.09.22 22:48:33 | 000,001,066 | ---- | C] () -- C:\WINDOWS\ALAUNCH.INI.BAK [2006.05.12 19:50:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll [2006.05.12 19:39:22 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2006.05.10 00:18:48 | 000,000,117 | ---- | C] () -- C:\WINDOWS\alaunch.ini [2005.11.07 19:37:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005.11.02 02:28:24 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll [2005.11.02 02:27:50 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll [2005.11.02 02:27:50 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll [2005.11.02 02:27:50 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll [2005.11.02 02:27:50 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll [2005.11.02 01:58:34 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005.10.26 01:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2005.09.16 15:14:36 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2005.08.05 15:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005.08.03 00:03:51 | 000,224,768 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll [2005.07.12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL [2004.12.17 18:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys [2004.08.10 21:00:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004.03.23 17:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll [2001.12.26 17:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll [2001.09.04 00:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll [2001.07.30 17:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll [2001.07.23 23:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll [2001.07.07 03:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI < End of report > Bin mal gespannt, was du da rauslesen kannst ;-) |
|
17.10.2010, 20:10
| #4 |
| | Virusbefall? Windows startet nicht richtig "Problembericht senden" und hier die zweite:OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 17.10.2010 21:01:56 - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Dokumente und Einstellungen\Jens Müller\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 146,36 Gb Total Space | 93,41 Gb Free Space | 63,82% Space Free | Partition Type: NTFS
Drive D: | 298,01 Gb Total Space | 298,00 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive E: | 146,81 Gb Total Space | 146,81 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Drive F: | 1,87 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 2,29 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 1,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive M: | 3,82 Gb Total Space | 3,68 Gb Free Space | 96,28% Space Free | Partition Type: FAT32
Computer Name: ACER-2C36AE85EB | User Name: Jens Müller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\BearShare\BearShare.exe" = C:\Programme\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Programme\Java\jre1.5.0_06\bin\javaw.exe" = C:\Programme\Java\jre1.5.0_06\bin\javaw.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Programme\Ratajik Software\StationRipper\StationRipperConsole.exe" = C:\Programme\Ratajik Software\StationRipper\StationRipperConsole.exe:*:Enabled:StationRipperConsole -- File not found
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- File not found
"D:\Spiele\warhammer\Warhammer.exe" = D:\Spiele\warhammer\Warhammer.exe:*:Enabled:Warhammer®: Mark of Chaos™ -- File not found
"C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Temp\powerfootball\PowerFootball-D3D9.exe" = C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Temp\powerfootball\PowerFootball-D3D9.exe:*:Enabled:PowerFootball-D3D9 -- ()
"C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Temp\powerfootball\PowerFootball-OpenGL.exe" = C:\Dokumente und Einstellungen\Jens Müller\Lokale Einstellungen\Temp\powerfootball\PowerFootball-OpenGL.exe:*:Enabled:PowerFootball-OpenGL -- ()
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\Java\jre1.6.0_01\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_01\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre1.6.0_02\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_02\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Cyanide\Loki\Loki.exe" = C:\Programme\Cyanide\Loki\Loki.exe:*:Enabled:Loki -- File not found
"C:\Programme\Cyanide\Loki\Autorun\AutoRun.exe" = C:\Programme\Cyanide\Loki\Autorun\AutoRun.exe:*:Enabled:Loki - AutoRun -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Gamigo Games\Smash Online\SmashOnline.exe" = C:\Gamigo Games\Smash Online\SmashOnline.exe:*:Enabled:SmashOnline -- File not found
"C:\Programme\KONAMI\Pro Evolution Soccer 2008\PES2008.exe" = C:\Programme\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 -- File not found
"C:\Programme\BearShare Applications\BearShare\BearShare.exe" = C:\Programme\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Programme\NetMeeting\conf.exe" = C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\Programme\Real\RealPlayer\realplay.exe" = C:\Programme\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Programme\Electronic Arts\EADM\Core.exe" = C:\Programme\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager -- File not found
"C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- File not found
"C:\Programme\Java\jre1.6.0_05\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04440044-9149-45C6-A806-F2BF9CFCE762}" = Microsoft Encarta Enzyklopädie 2004
"{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{228F6876-A313-40A3-91C0-C3CBE6997D09}" = Symantec
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{266CCC48-9AA1-404E-A1CB-558E8CC46F69}" = Windows OEM Preinstallation Kit
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}" = Internet Worm Protection
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III
"{2CA94ED4-F38D-44B4-A79D-E5835E276EFC}" = Air USB Utility
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}" = Need for Speed™ ProStreet
"{3248F0A8-6813-11D6-A77B-00B0D0150050}" = J2SE Runtime Environment 5.0 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}" = VIMICRO USB PC Camera
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4EAD2E21-1D4A-4E2B-A082-8D08961539C9}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7057702F-6D71-4F30-8000-9E72BC771887}" = Acer ePerformance Management
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{80A97464-A741-44B0-8AD6-0C16B1FEF7F6}" = Norton Security Scan
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83622A51-877C-4FB8-92BB-2572B3B4F4B8}" = OOBE06_Exp2
"{8704D51E-25B7-4F23-81E7-AA4F54790220}" = Microsoft AutoRoute v11.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AD824A5-1CCC-4BB7-82C9-E6FB25CC0479}" = Vimicro USB PC Camera LTI301P
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9E4444A9-EC85-4433-8C69-A07504E4E501}" = SweetIM for Messenger 2.9
"{9FC8D8F8-AF3A-4488-98AF-51C6DEC732F2}" = c3100_Help
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan
"{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}" = Norton AntiVirus SYMLT MSI
"{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link Wireless N DWA-140
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB8C9964-09AC-48bf-8B98-027609C78251}" = C3100
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F325CF11-27CE-4872-8022-6E9EB27DF24F}" = NAVShortcut
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers
"{FA200000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 2.0
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"America Online de" = AOL Deutschland
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AOL Connectivity Services" = AOL Optimized Dial-In
"AOL YGP Screensaver" = AOL Meine Fotos Bildschirmschoner
"AOLCoach de" = AOL Coach Version 1.0(Build:20040201.2 de)
"ATI Display Driver" = ATI Display Driver
"Burn4Free" = Burn4Free CD and DVD
"Burn4Free Toolbar" = Burn4Free Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE2005 Software Encoder
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"ICQToolbar" = ICQ Toolbar
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{0CB98AC0-D691-4B21-AD3D-95982517021D}" = Acer WLAN 11g USB Dongle
"InstallShield_{2CA94ED4-F38D-44B4-A79D-E5835E276EFC}" = Air USB Utility
"InstallShield_{385979FE-DC4F-4140-8EAD-A59625000D72}" = NTI Backup NOW! 4
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSSSetup.{D16D8A48-65A4-4B19-8A02-DC9A40FB80C4}" = Norton Security Scan (Symantec Corporation)
"NVIDIA Drivers" = NVIDIA Drivers
"OcaHistoryUpd" = OCA Client history tool install
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"Shockwave" = Shockwave
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SymSetup.{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006 (Symantec Corporation)
"Uninstall_is1" = Uninstall 1.0.0.1
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6a
"WebcamMax" = WebcamMax
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Managerfrauen Part 1" = Managerfrauen Part 1
"Managerfrauen Part 2" = Managerfrauen Part 2
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16.10.2010 18:03:03 | Computer Name = ACER-2C36AE85EB | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung setup.exe, Version 6.1.7600.16385, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.10.2010 12:58:52 | Computer Name = ACER-2C36AE85EB | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 17.10.2010 12:59:07 | Computer Name = ACER-2C36AE85EB | Source = Media Center Receiver | ID = 4
Description = TV tuner malfunction. (0xc0040597) WebcamMax, WDM Video Capture
Error - 17.10.2010 13:00:27 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpwuschd2.exe, Version 70.0.170.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x1000457e.
Error - 17.10.2010 13:00:30 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung sweetim.exe, Version 2.9.0.3, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x0133457e.
Error - 17.10.2010 13:00:30 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung airncfg.exe, Version 4.1.3.415, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x0129457e.
Error - 17.10.2010 13:00:34 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ICQ Service.exe, Version 1.0.0.1, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x1000457e.
Error - 17.10.2010 13:01:56 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung pdvdserv.exe, Version 6.0.0.1027, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x010b457e.
Error - 17.10.2010 13:03:43 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung MemCheck.exe, Version 2.0.2007.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x1000457e.
Error - 17.10.2010 13:05:12 | Computer Name = ACER-2C36AE85EB | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung ccapp.exe, Version 104.0.14.2, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x7add3c42.
[ System Events ]
Error - 11.10.2010 12:58:52 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7034
Description = Dienst "SeaPort" wurde unerwartet beendet. Dies ist bereits 1 Mal
passiert.
Error - 11.10.2010 13:01:33 | Computer Name = ACER-2C36AE85EB | Source = DCOM | ID = 10010
Description = Der Server "{7F6316B4-4D69-4765-B0A3-B2598F2FA80A}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 11.10.2010 13:02:01 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000
Millisekunden durchgeführt: Starten Sie den Computer neu..
Error - 11.10.2010 13:02:04 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7034
Description = Dienst "AntiVir PersonalEdition Classic Guard" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 11.10.2010 13:02:36 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7034
Description = Dienst "SSDP Discovery Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
Error - 11.10.2010 13:08:14 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Automatisches
LiveUpdate - Scheduler.
Error - 11.10.2010 13:08:14 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Automatisches LiveUpdate - Scheduler" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 11.10.2010 13:08:14 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Media Center Receiver Service" wurde mit folgendem Fehler
beendet: %%2147500053
Error - 11.10.2010 13:08:14 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Norton AntiVirus Auto-Protect-Dienst" wurde mit folgendem
Fehler beendet: %%2147500053
Error - 17.10.2010 13:02:04 | Computer Name = ACER-2C36AE85EB | Source = Service Control Manager | ID = 7034
Description = Dienst "Bluetooth Support Service" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
< End of report >
|
|
| Themen zu Virusbefall? Windows startet nicht richtig "Problembericht senden" |
| anti-malware, beenden, entfernen, folge, folgendes, formatieren, laufen, miteinander, nicht mehr, nichts, problembericht senden, programm reagiert nicht, programme, programmen, reagiert, reagiert nicht, richtig, runterfahren, schließe, schonmal, senden, startet, startet nicht, startet nicht richtig, stinger, system, verschiedene, virusbefall?, windows, windows startet nicht, wurm |
Linear-Darstellung
