Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Festplattenspeicher wird ohne mein Zutun voll gemacht...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 01.12.2010, 19:47   #1
Tommi.M.
 
Festplattenspeicher wird ohne mein Zutun voll gemacht... - Unglücklich

Festplattenspeicher wird ohne mein Zutun voll gemacht...



Moin,
Hab meinen Rechner ein wenig aufräumen wollen (Datenmüll entsorgen). Nachdem ich einen Neustart durchgeführt habe erkannte antivir folgenden Virus:

SPR/Tool.VBInject.365

Habe den dann gelöscht. Trotzdem wird der freie Speicherplatz auf meiner Festplatte ohne irgendwelches Zutun meinerseits immer weniger. Anbei mal die Logdateien. Vielen Dank für eure Hilfe!!!
ein verzweifeltes Computeropfer, das hofft das jetzt alles richtig gemacht zu haben...


Das hier hat Malwarebytes ausgespuckt:

Malwarebytes' Anti-Malware 1.46
ww.malwarebytes.org

Datenbank Version: 5227

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

01.12.2010 19:17:06
mbam-log-2010-12-01 (19-17-06).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 161373
Laufzeit: 13 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Programme\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Programme\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.



Das ist von OTL:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.12.2010 19:27:38 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\All Users\Desktop\MFtools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 213,00 Mb Available Physical Memory | 21,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,75 Gb Total Space | 3,76 Gb Free Space | 2,60% Space Free | Partition Type: NTFS
Drive E: | 1,84 Gb Total Space | 0,67 Gb Free Space | 36,57% Space Free | Partition Type: FAT
 
Computer Name: LENOVO-E0FB4D5E | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\All Users\Desktop\MFtools\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\WINDOWS\system32\TpShocks.exe (Lenovo.)
PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
PRC - C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
PRC - c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
PRC - C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe ()
PRC - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
PRC - C:\Programme\ThinkVantage\AMSG\Amsg.exe (LENOVO)
PRC - C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
PRC - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
PRC - c:\Programme\Lenovo\System Update\SUService.exe ( )
PRC - C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
PRC - C:\Programme\Digital Line Detect\DLG.exe (Avanquest Software )
PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Gemeinsame Dateien\Installshield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\WINDOWS\twain_32\FlatBed\HotKey.Exe (Pmx. Electronics Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\All Users\Desktop\MFtools\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\Temp\logishrd\LVPrcInj01.dll (Logitech Inc.)
MOD - C:\WINDOWS\system32\BtMmHook.dll (Broadcom Corporation.)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (TVT Scheduler) -- c:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (TVT Backup Protection Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrpservice.exe ()
SRV - (TVT Backup Service) -- C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited)
SRV - (tvtnetwk) -- C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe ()
SRV - (TSSCoreService) -- C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe (IBM)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (IPSSVC) -- C:\WINDOWS\system32\IPSSVC.EXE (Lenovo Group Limited)
SRV - (SUService) -- c:\Programme\Lenovo\System Update\SUService.exe ( )
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Diskeeper) -- C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (SSPORT) -- C:\WINDOWS\System32\Drivers\SSPORT.sys File not found
DRV - (DgiVecp) -- C:\WINDOWS\System32\Drivers\DgiVecp.sys File not found
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\WINDOWS\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (tvtfilter) -- C:\WINDOWS\system32\drivers\tvtfilter.sys (Lenovo)
DRV - (pmem) -- C:\WINDOWS\system32\drivers\pmemnt.sys (Microsoft Corporation)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\CHDAudN.sys (Conexant Systems Inc.)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\Gemeinsame Dateien\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)
DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (TVTPktFilter) -- C:\WINDOWS\system32\drivers\tvtpktfilter.sys (Lenovo Group Limited)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (PROCDD) -- C:\WINDOWS\system32\drivers\PROCDD.SYS (Lenovo Group Limited)
DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys ()
DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.)
DRV - (risdptsk) -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys (REDC)
DRV - (atmeltpm) -- C:\WINDOWS\system32\drivers\atmeltpm.sys (Atmel, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (G400) -- C:\WINDOWS\system32\drivers\G400m.sys (Matrox Graphics Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (ac97intc) Intel(r) 82801 Audiotreiber-Installationsdienst (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.windfinder.com/forecast/kiel_leuchtturm
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.order.2: "Amazon.de"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.windfinder.com/forecast/kiel_leuchtturm"
FF - prefs.js..browser.startup.homepage: "hxxp://go.web.de/home | hxxp://go.web.de/tab2"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..keyword.URL: "hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q="
 
FF - HKLM\software\mozilla\Firefox\extensions\\support@predictad.com: C:\Programme\AutocompletePro\support@predictad.com File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.10.29 07:45:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.10.29 07:45:43 | 000,000,000 | ---D | M]
 
[2008.08.08 22:23:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Extensions
[2010.12.01 12:34:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions
[2010.07.28 22:00:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.22 11:37:18 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2010.11.03 23:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.17 11:09:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.11.22 11:37:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\extensions\finder@meingutscheincode.de
[2008.08.08 22:30:33 | 000,001,579 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\searchplugins\aol-search.xml
[2008.09.27 16:59:19 | 000,000,681 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\searchplugins\ask.xml
[2009.10.29 12:12:48 | 000,002,399 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Mozilla\Firefox\Profiles\modws4rk.default\searchplugins\daemon-search.xml
[2010.12.01 12:34:32 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.10.23 15:22:15 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.23 15:22:15 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.23 15:22:16 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.23 15:22:16 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.23 15:22:16 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.10 15:29:37 | 000,000,882 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 0.0.0.0 www.google-analytics.com
O1 - Hosts: 0.0.0.0 google-analytics.com
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll File not found
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll File not found
O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMSG] C:\Programme\ThinkVantage\AMSG\Amsg.exe (LENOVO)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [cssauth] C:\Programme\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPSON Stylus D68 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EZEJMNAP] C:\Programme\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [HotKey] C:\WINDOWS\twain_32\FlatBed\HotKey.Exe (Pmx. Electronics Ltd.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\Installshield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [LPManager] C:\Programme\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe File not found
O4 - HKLM..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Digital Line Detect.lnk = C:\Programme\Digital Line Detect\DLG.exe (Avanquest Software )
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} hxxp://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab (PrinterHelpEtcActiveX Control)
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - ACNotify.dll - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Programme\Lenovo\HOTKEY\notifyf2.dll - C:\Programme\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Programme\Lenovo\HOTKEY\tphklock.dll - C:\Programme\Lenovo\HOTKEY\tphklock.dll ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.01.27 03:18:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{db2356f4-99bf-11dd-9d0f-001c26fc7083}\Shell\AutoRun\command - "" = F:\gi2ky.exe -- File not found
O33 - MountPoints2\{db2356f4-99bf-11dd-9d0f-001c26fc7083}\Shell\open\Command - "" = F:\gi2ky.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.01 17:05:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Malwarebytes
[2010.12.01 17:04:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.01 17:04:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.01 17:04:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.01 17:04:40 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.01 17:01:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop\MFtools
[2010.11.29 11:42:00 | 000,000,000 | ---D | C] -- C:\FormOver
[2010.11.22 11:37:23 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.11.22 11:37:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.11.18 07:59:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Desktop\Writing a Poem
[2010.11.15 10:28:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2010.11.15 10:28:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2010.11.13 20:20:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Desktop\ipod
[2010.11.13 20:17:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Desktop\gsx
[2010.11.13 16:01:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\SharePod
[2010.11.11 18:12:19 | 001,000,992 | ---- | C] (Bennet-Tec Information Systems, Inc) -- C:\WINDOWS\System32\TList8.ocx
[2010.11.11 18:12:19 | 000,450,560 | ---- | C] (LogicNP Software (hxxp://www.ssware.com)) -- C:\WINDOWS\System32\fldrvw90.ocx
[2010.11.11 18:12:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\AllDup
[2010.11.11 18:12:18 | 002,344,880 | ---- | C] (Codejock Software) -- C:\WINDOWS\System32\Codejock.CommandBars.v13.2.1.ocx
[2010.11.11 18:12:18 | 000,171,752 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtRTF2.ocx
[2010.11.11 18:12:18 | 000,089,888 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtFrame.ocx
[2010.11.11 18:12:18 | 000,086,016 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtSplitter.ocx
[2010.11.11 18:12:18 | 000,044,736 | ---- | C] (Michael Thummerer Software Design) -- C:\WINDOWS\System32\mtSubclass.dll
[2010.11.11 18:12:16 | 000,000,000 | ---D | C] -- C:\Programme\AllDup
[2010.11.07 17:44:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.11.07 17:18:32 | 000,000,000 | ---D | C] -- C:\Programme\SimpleOCR
[2010.11.03 20:38:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WindSolutions
[2010.11.03 20:38:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\WindSolutions
[2008.09.11 14:32:32 | 005,928,368 | ---- | C] (DVD Video Soft Limited. ) -- C:\Programme\FreeVideoToMp3Converter3113.exe
[2007.10.09 18:48:02 | 000,167,936 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2007.10.09 18:48:02 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.01 19:23:12 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2010.12.01 19:22:05 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010.12.01 19:21:18 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.01 19:20:46 | 000,025,261 | ---- | M] () -- C:\WINDOWS\System32\PROCDB.INI
[2010.12.01 19:20:23 | 000,000,480 | ---- | M] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2010.12.01 19:20:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.01 19:20:17 | 1063,563,264 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.01 19:14:37 | 000,000,738 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Lehrersoftware Green Line.lnk
[2010.12.01 17:05:58 | 000,462,384 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.12.01 17:05:58 | 000,444,446 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.01 17:05:58 | 000,072,322 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.01 17:05:57 | 000,085,650 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.12.01 17:04:48 | 000,000,683 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.01 17:01:20 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\defogger.exe
[2010.12.01 17:01:19 | 000,288,107 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Gmer.zip
[2010.12.01 16:59:09 | 000,471,560 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Load.exe
[2010.12.01 11:42:30 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.11.29 12:05:06 | 001,856,538 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Sri Lanka.docx
[2010.11.28 22:49:25 | 000,212,480 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.24 21:07:38 | 000,837,007 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\100426_witn_zuma_report_au_bb-1.mp3
[2010.11.24 19:41:54 | 048,968,860 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\ANC Aids Denial - South Africa.flv
[2010.11.21 18:19:26 | 007,112,583 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Culture Clan - Protect Thyself.flv
[2010.11.20 20:17:52 | 000,000,847 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk
[2010.11.08 10:27:05 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.11.07 17:44:04 | 000,000,357 | ---- | M] () -- C:\WINDOWS\SoftWriting.ini
[2010.11.07 17:21:08 | 000,000,101 | ---- | M] () -- C:\WINDOWS\BUZZTWLC.INI
[2010.11.07 17:18:37 | 000,000,687 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\SimpleOCR.lnk
[2010.11.07 10:03:00 | 008,639,702 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Udo Lindenberg.. Cello.mp4
[2010.11.02 15:00:42 | 000,012,172 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\word.docx
 
========== Files Created - No Company Name ==========
 
[2010.12.01 17:04:48 | 000,000,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.01 17:01:19 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\defogger.exe
[2010.12.01 17:01:17 | 000,288,107 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Gmer.zip
[2010.12.01 16:59:09 | 000,471,560 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Load.exe
[2010.11.29 10:42:24 | 001,856,538 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Sri Lanka.docx
[2010.11.24 21:05:30 | 000,837,007 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\100426_witn_zuma_report_au_bb-1.mp3
[2010.11.24 19:22:14 | 048,968,860 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\ANC Aids Denial - South Africa.flv
[2010.11.21 18:19:26 | 007,112,583 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Culture Clan - Protect Thyself.flv
[2010.11.20 20:17:52 | 000,000,847 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk
[2010.11.18 07:56:20 | 000,034,304 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Verlaufsplan f_r Unterrichtsentwurf _Why do you learn English__.doc
[2010.11.18 07:56:19 | 000,037,888 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Why do you learn English_.doc
[2010.11.07 17:21:08 | 000,000,101 | ---- | C] () -- C:\WINDOWS\BUZZTWLC.INI
[2010.11.07 17:18:37 | 000,000,687 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\SimpleOCR.lnk
[2010.11.07 17:18:37 | 000,000,357 | ---- | C] () -- C:\WINDOWS\SoftWriting.ini
[2010.11.07 10:01:05 | 008,639,702 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\Udo Lindenberg.. Cello.mp4
[2010.10.28 00:00:37 | 000,177,176 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.10.01 16:19:19 | 000,000,551 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\AutoGK.ini
[2010.02.21 19:00:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.02.21 18:58:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2010.02.21 18:58:22 | 000,000,141 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2010.02.21 18:58:17 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini
[2010.02.21 18:58:08 | 000,009,030 | ---- | C] () -- C:\WINDOWS\HL-2030.INI
[2010.02.21 18:56:03 | 000,000,229 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009.12.20 15:35:27 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.12.18 16:36:28 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2009.11.04 14:25:52 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl31cl3.dll
[2009.10.29 12:06:49 | 000,721,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.27 16:53:19 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.07.23 19:02:58 | 000,066,482 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008.03.26 09:27:17 | 000,212,480 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.13 20:23:47 | 000,000,032 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ezsid.dat
[2008.02.11 12:27:28 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2008.02.05 17:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007.12.17 23:55:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4860.dll
[2007.12.17 23:55:32 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007.12.17 23:22:10 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.10.10 02:31:15 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007.10.09 19:17:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.10.09 19:07:07 | 000,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2007.10.09 19:00:23 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007.10.09 18:58:36 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.10.09 18:58:36 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.10.09 18:58:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.10.09 18:58:36 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.10.09 18:58:36 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.10.09 18:58:36 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007.10.09 18:49:59 | 000,012,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2007.10.09 18:48:48 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2007.10.09 18:48:02 | 009,598,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2007.10.09 18:48:02 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2007.10.09 18:46:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2007.04.03 15:18:26 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.04.03 15:18:06 | 000,193,576 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007.03.02 13:15:36 | 000,025,261 | ---- | C] () -- C:\WINDOWS\System32\PROCDB.INI
[2007.03.02 13:15:25 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\IPSCtrl.INI
[2007.02.27 16:48:38 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007.02.27 16:29:32 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2007.01.16 16:12:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.09.05 13:20:36 | 000,079,400 | ---- | C] () -- C:\WINDOWS\System32\DEVMAN.DLL
[2006.01.27 18:18:01 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.01.27 18:05:14 | 000,002,963 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.01.26 18:09:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000.08.29 14:40:10 | 000,006,137 | ---- | C] () -- C:\WINDOWS\System32\E1.ini
 
< End of report >
         
--- --- ---


und das ist das Extra Log von OTL:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 01.12.2010 19:27:38 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Dokumente und Einstellungen\All Users\Desktop\MFtools
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 213,00 Mb Available Physical Memory | 21,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 144,75 Gb Total Space | 3,76 Gb Free Space | 2,60% Space Free | Partition Type: NTFS
Drive E: | 1,84 Gb Total Space | 0,67 Gb Free Space | 36,57% Space Free | Partition Type: FAT
 
Computer Name: LENOVO-E0FB4D5E | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.reg [@ = Regedit.Document] -- c:\Winnt\Regedit.exe File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\LimeWire\LimeWire.exe" = C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" = C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player -- File not found
"C:\Programme\Free Music Zilla\FMZilla.exe" = C:\Programme\Free Music Zilla\FMZilla.exe:*:Enabled:FMZilla -- ()
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{075473F5-846A-448B-BCB3-104AA1760205}" = RecordNow Data
"{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message
"{1195D6DC-BBEB-41E5-A55B-50AF233CFAB2}" = Firefox 3.0 mit WEB.DE Ergänzungen
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera
"{3B0CFB08-515C-4AD4-89DF-997BF8545622}" = Nuance Voice Recorder
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41894269-0DD1-4C85-B3DD-1EB41B07621D}" = ThinkVantage Fingerprint Software 5.6
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
"{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Lite
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{7FC3BBEC-5A91-41B0-9CB8-960EC4421411}" = InterVideo WinDVD Creator 3
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = RecordNow Audio
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.5 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A81300000003}_814" = KB408682
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = RecordNow Copy
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B5A7081A-0C91-41C1-9EFF-5BD8696053A2}" = SIMCardReaderPro
"{BCBF308E-7DE3-4D32-ABC7-A92F553CC829}" = Brother HL-2035
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C54ED2B6-1AF2-416F-BBA8-5E2B8CDCB5C4}" = XP Themes
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}" = Cisco Systems VPN Client 5.0.00.0340
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}" = Wallpapers
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F055E1B2-8A05-4D87-8039-1BE979BA4193}" = Client Security Solution
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F151F2B3-0C32-44D3-90E2-E639B8024622}" = Rescue and Recovery
"{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"AllDup_is1" = AllDup 3.2.14
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AwayTask" = Maintenance Manager
"Basketball Playbook 009_is1" = Basketball Playbook 009 j
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_17AA20DA" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"F13EE0B22AD5D087DFA50E3D4D6F13FC1AAAFB32" = Windows-Treiberpaket - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)
"Free Audio Converter_is1" = Free Audio Converter version 1.1
"Free Audio Dub_is1" = Free Audio Dub version 1.4
"Free Music Zilla_is1" = Free Music Zilla
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.8
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"GIMPshop" = GIMPshop 2.2.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Klett Lehrersoftware Green Line (Band 5)" = Klett Lehrersoftware Green Line (Band 5)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.0 (Standard)
"Lenovo Registration" = Lenovo Registration
"lvdrivers_11.70" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor 5 for Windows" = PC-Doctor 5 für Windows
"PCMCIAPW" = ThinkPad PC Card Power Policy
"PDF Blender" = PDF Blender
"Picasa 3" = Picasa 3
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Remove Multimedia Center" = Remove Multimedia Center
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SimpleOCR 3.1" = SimpleOCR 3.1
"Some PDF to Txt Converter_is1" = Some PDF to Txt Converter 1.5
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Uninstall_is1" = Uninstall 1.0.0.1
"USB Scanner" = USB Scanner
"VLC media player" = VLC media player 0.9.9
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Aku Shaper" = Aku Shaper
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
"HollowBoard Template Maker" = HollowBoard Template Maker
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.11.2010 15:15:00 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.11.2010 15:15:00 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1786703
 
Error - 29.11.2010 15:15:00 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1786703
 
Error - 29.11.2010 15:15:02 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.11.2010 15:15:02 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1788672
 
Error - 29.11.2010 15:15:02 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1788672
 
Error - 29.11.2010 17:43:10 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.11.2010 17:53:02 | Computer Name = LENOVO-E0FB4D5E | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.12.2010 10:00:22 | Computer Name = LENOVO-E0FB4D5E | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung wmpnetwk.exe, Version 11.0.5721.5145, fehlgeschlagenes
Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb.
 
Error - 01.12.2010 10:48:40 | Computer Name = LENOVO-E0FB4D5E | Source = ABBYY FineReader 10 | ID = 1
Description = 
 
[ OSession Events ]
Error - 10.03.2010 10:01:21 | Computer Name = LENOVO-E0FB4D5E | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8037
seconds with 3240 seconds of active time. This session ended with a crash.
 
[ System Events ]
Error - 01.12.2010 06:39:01 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
 
Error - 01.12.2010 06:50:23 | Computer Name = LENOVO-E0FB4D5E | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
 
Error - 01.12.2010 10:01:21 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 30000 Millisekunden durchgeführt: Starten Sie den Dienst neu..
 
Error - 01.12.2010 13:56:27 | Computer Name = LENOVO-E0FB4D5E | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
 
Error - 01.12.2010 13:57:01 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
 
Error - 01.12.2010 13:57:01 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
 
Error - 01.12.2010 14:20:23 | Computer Name = LENOVO-E0FB4D5E | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im 
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
wurde angehalten.
 
Error - 01.12.2010 14:20:23 | Computer Name = LENOVO-E0FB4D5E | Source = sptd | ID = 262148
Description = Der Treiber hat einen internen Fehler in seinen Datenstrukturen für
festgestellt.
 
Error - 01.12.2010 14:20:30 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
 
Error - 01.12.2010 14:20:30 | Computer Name = LENOVO-E0FB4D5E | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
 
 
< End of report >
         
--- --- ---



Danke!!!

Alt 01.12.2010, 21:56   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Festplattenspeicher wird ohne mein Zutun voll gemacht... - Standard

Festplattenspeicher wird ohne mein Zutun voll gemacht...



Zitat:
01.12.2010 19:17:06
mbam-log-2010-12-01 (19-17-06).txt

Art des Suchlaufs: Quick-Scan
Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________

__________________

Antwort

Themen zu Festplattenspeicher wird ohne mein Zutun voll gemacht...
0x00000001, 0xc0000001, antivir, avgntflt.sys, avira, bho, bonjour, cdburnerxp, codejock software, converter, desktop, error, excel, festplatte, firefox, firefox.exe, flash player, fontcache, google, helper.exe, hilfe!!, iastor.sys, limewire, location, logfile, microsoft office word, mozilla, object, office 2007, oldtimer, otl logfile, otl.exe, pdfforge toolbar, picasa, plug-in, registry, rundll, saver, sched.exe, searchplugins, security, security update, senden, shell32.dll, software, speicherplatz, spigot, sptd.sys, spyware.marketscore, starten, studio, system restore, thinkvantage registry monitor service, torrent.exe, virus, vlc media player, windows internet, winload toolbar




Ähnliche Themen: Festplattenspeicher wird ohne mein Zutun voll gemacht...


  1. cmd.exe öffnet sich und lädt treiber ohne mein zutun
    Plagegeister aller Art und deren Bekämpfung - 31.03.2015 (20)
  2. Outlook startet im laufenden Betrieb immer wieder ohne mein Zutun
    Plagegeister aller Art und deren Bekämpfung - 30.03.2015 (23)
  3. Systemfestplatte wird ohne zutun voller
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (23)
  4. Computer fährt runter OHNE mein zutun!
    Plagegeister aller Art und deren Bekämpfung - 04.03.2015 (37)
  5. Auf meinen neuen Rechner, wurde illegal was gedownloaded. ohne mein zutun
    Plagegeister aller Art und deren Bekämpfung - 26.11.2013 (3)
  6. ohne mein zutun wird "http://wisersearch.com/?channel=de" als Startseite ausgeführt.
    Log-Analyse und Auswertung - 26.09.2013 (19)
  7. Mein GMX-Account versendet Spam-Mails ohne mein zutun
    Plagegeister aller Art und deren Bekämpfung - 23.05.2012 (0)
  8. E-Mails werden ohne mein Zutun versendet
    Plagegeister aller Art und deren Bekämpfung - 03.05.2012 (1)
  9. Ominöse Emails werden ohne mein Zutun versendet
    Plagegeister aller Art und deren Bekämpfung - 01.05.2012 (7)
  10. Festplattenspeicher wird aufgefressen
    Log-Analyse und Auswertung - 18.12.2011 (1)
  11. Wallpaper ohne zutun geändert, Sicherheitscheck
    Log-Analyse und Auswertung - 11.10.2010 (1)
  12. Ordneröffnen Sound ohne Zutun + Netzwerkverkehrausschlag
    Mülltonne - 08.01.2010 (1)
  13. Ordneröffnen Sound ohne Zutun + Netzwerkverkehrausschlag
    Log-Analyse und Auswertung - 08.01.2010 (1)
  14. Festplattenspeicher wird immer kleiner!
    Plagegeister aller Art und deren Bekämpfung - 16.11.2009 (1)
  15. WinXP Indexdienst startet ohne mein Zutun
    Alles rund um Windows - 29.09.2006 (2)
  16. Browser öffnet sich ohne mein Zutun
    Plagegeister aller Art und deren Bekämpfung - 28.12.2005 (3)
  17. Traffic [upl und dwld] ohne mein zutun! Hilfe
    Plagegeister aller Art und deren Bekämpfung - 17.08.2004 (6)

Zum Thema Festplattenspeicher wird ohne mein Zutun voll gemacht... - Moin, Hab meinen Rechner ein wenig aufräumen wollen (Datenmüll entsorgen). Nachdem ich einen Neustart durchgeführt habe erkannte antivir folgenden Virus: SPR/Tool.VBInject.365 Habe den dann gelöscht. Trotzdem wird der freie Speicherplatz - Festplattenspeicher wird ohne mein Zutun voll gemacht......
Archiv
Du betrachtest: Festplattenspeicher wird ohne mein Zutun voll gemacht... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.