|
Plagegeister aller Art und deren Bekämpfung: Mauscursor unpräzise SteuerungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.12.2010, 15:28 | #1 |
| Mauscursor unpräzise Steuerung Hallo allerseits, mein Mauscursor spinnt seit einiger Zeit, also er lääst sich nicht mehr so genau bewegen. Nach einem antivir suchlauf kamen folgende Viren/Trojaner: C:\Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1c0702e6-27646895 JAVA/Agent.2212' [virus] C:\Users\Ngo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\3e36666f-5493f87c' EXP/Java.2009-3867' [exploit]. 'C:\Users\Ngo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1c0702e6-27646895' JAVA/Agent.DU' [virus Ich habe sie vorerst in die Quaräntäne verschoben. hier ist mein OTL-Text Code:
ATTFilter OTL Extras logfile created on: 12/12/2010 3:13:28 PM - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Ngo\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 919.07 Gb Total Space | 874.58 Gb Free Space | 95.16% Space Free | Partition Type: NTFS Drive D: | 12.35 Gb Total Space | 1.51 Gb Free Space | 12.22% Space Free | Partition Type: NTFS Computer Name: NGO-HP | User Name: Ngo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit) "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu "{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "PC-Doctor for Windows" = Hardware Diagnostic Tools [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update "{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2 "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5C7FD70-2C0A-401E-95E9-916363567DDA}" = HP Setup "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software "{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Age of Empires Gold 1.0" = Microsoft Age of Empires Gold "Age of Mythology 1.0" = Age of Mythology "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Combat Arms EU" = Combat Arms EU "Cross Fire_is1" = Cross Fire En "DivX Setup.divx.com" = DivX-Setup "Foxit Reader" = Foxit Reader "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo "InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video "InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator EX 2.0" = Canon MP Navigator EX 2.0 "Mp3tag" = Mp3tag v2.46a "MusicStationNetstaller" = MusicStation "PhotoScape" = PhotoScape "PokerStars.net" = PokerStars.net "Tunngle beta_is1" = Tunngle beta "Uninstall_is1" = Uninstall 1.0.0.1 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "Yahoo! Messenger" = Yahoo! Messenger "Yenka" = Yenka ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/21/2010 12:44:01 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Engine.exe, Version: 0.0.0.0, Zeitstempel: 0x4cca188f Name des fehlerhaften Moduls: cshell.dll, Version: 0.0.0.0, Zeitstempel: 0x4cca1a60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x003b6643 ID des fehlerhaften Prozesses: 0xfa0 Startzeit der fehlerhaften Anwendung: 0x01cb89992b89f466 Pfad der fehlerhaften Anwendung: C:\Nexon\Combat Arms EU\Engine.exe Pfad des fehlerhaften Moduls: C:\Nexon\Combat Arms EU\Game\cshell.dll Berichtskennung: 8a96e18f-f58e-11df-a0bf-78e7d1d99740 Error - 11/21/2010 1:24:41 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Engine.exe, Version: 0.0.0.0, Zeitstempel: 0x4cca188f Name des fehlerhaften Moduls: cshell.dll, Version: 0.0.0.0, Zeitstempel: 0x4cca1a60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x003b6643 ID des fehlerhaften Prozesses: 0xc9c Startzeit der fehlerhaften Anwendung: 0x01cb899f127ace21 Pfad der fehlerhaften Anwendung: C:\Nexon\Combat Arms EU\Engine.exe Pfad des fehlerhaften Moduls: C:\Nexon\Combat Arms EU\Game\cshell.dll Berichtskennung: 38e838e3-f594-11df-b846-78e7d1d99740 Error - 11/22/2010 2:54:02 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Engine.exe, Version: 0.0.0.0, Zeitstempel: 0x4cca188f Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0a4c0000 ID des fehlerhaften Prozesses: 0xd4c Startzeit der fehlerhaften Anwendung: 0x01cb8a74b8c17e6e Pfad der fehlerhaften Anwendung: C:\Nexon\Combat Arms EU\Engine.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: debb507b-f669-11df-b568-78e7d1d99740 Error - 11/24/2010 2:42:21 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3951, Zeitstempel: 0x4cc7ae16 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.224, Zeitstempel: 0x4b849404 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002dce ID des fehlerhaften Prozesses: 0xcf0 Startzeit der fehlerhaften Anwendung: 0x01cb8c073d3bfec7 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung: 91a71697-f7fa-11df-abc0-78e7d1d99740 Error - 11/26/2010 2:49:22 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3951, Zeitstempel: 0x4cc7ae16 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.224, Zeitstempel: 0x4b849404 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002dce ID des fehlerhaften Prozesses: 0x390 Startzeit der fehlerhaften Anwendung: 0x01cb8d97a7b1b635 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung: e196d683-f98d-11df-b39b-78e7d1d99740 Error - 12/3/2010 11:32:20 AM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Engine.exe, Version: 0.0.0.0, Zeitstempel: 0x4ce4e419 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0a5b0000 ID des fehlerhaften Prozesses: 0xb98 Startzeit der fehlerhaften Anwendung: 0x01cb92f9ae13d88f Pfad der fehlerhaften Anwendung: C:\Nexon\Combat Arms EU\Engine.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 8418ea42-fef2-11df-9e1b-78e7d1d99740 Error - 12/4/2010 8:27:21 AM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3951, Zeitstempel: 0x4cc7ae16 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.224, Zeitstempel: 0x4b849404 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002dce ID des fehlerhaften Prozesses: 0xf38 Startzeit der fehlerhaften Anwendung: 0x01cb93ab8eaf0e23 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung: d6e7d6f3-ffa1-11df-a174-78e7d1d99740 Error - 12/4/2010 8:57:12 AM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16450, Zeitstempel: 0x4aebab8d Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16644, Zeitstempel: 0x4c4ef25d Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000002884f2 ID des fehlerhaften Prozesses: 0x604 Startzeit der fehlerhaften Anwendung: 0x01cb93ab5fbb8bce Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: C:\Windows\system32\SHELL32.dll Berichtskennung: 0249f460-ffa6-11df-a174-78e7d1d99740 Error - 12/5/2010 11:40:55 AM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3951, Zeitstempel: 0x4cc7ae16 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.224, Zeitstempel: 0x4b849404 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002dce ID des fehlerhaften Prozesses: 0xf40 Startzeit der fehlerhaften Anwendung: 0x01cb94914558bff3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung: 0bb864f3-0086-11e0-9db9-78e7d1d99740 Error - 12/6/2010 1:46:29 PM | Computer Name = Ngo-HP | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3951, Zeitstempel: 0x4cc7ae16 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.224, Zeitstempel: 0x4b849404 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002dce ID des fehlerhaften Prozesses: 0xe48 Startzeit der fehlerhaften Anwendung: 0x01cb95682bcb661d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\PROGRA~2\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung: c0c05855-0160-11e0-9def-78e7d1d99740 [ System Events ] Error - 10/27/2010 12:59:43 AM | Computer Name = Ngo-HP | Source = Service Control Manager | ID = 7043 Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error - 11/11/2010 12:00:45 PM | Computer Name = Ngo-HP | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 11/15/2010 5:42:00 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10016 Description = Error - 11/15/2010 5:45:11 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10016 Description = Error - 11/15/2010 5:45:57 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10016 Description = Error - 11/15/2010 8:13:00 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10016 Description = Error - 11/15/2010 8:13:10 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10016 Description = Error - 11/18/2010 3:41:21 PM | Computer Name = Ngo-HP | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht. Error - 11/18/2010 3:41:21 PM | Computer Name = Ngo-HP | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 11/18/2010 3:41:31 PM | Computer Name = Ngo-HP | Source = DCOM | ID = 10005 Description = < End of report > Code:
ATTFilter OTL logfile created on: 12/12/2010 3:13:28 PM - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Ngo\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 73.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 919.07 Gb Total Space | 874.58 Gb Free Space | 95.16% Space Free | Partition Type: NTFS Drive D: | 12.35 Gb Total Space | 1.51 Gb Free Space | 12.22% Space Free | Partition Type: NTFS Computer Name: NGO-HP | User Name: Ngo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Ngo\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) ========== Modules (SafeList) ========== MOD - C:\Users\Ngo\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (ezSharedSvc) -- C:\Windows\SysNative\ezSharedSvcHost.exe File not found SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (VX3000) -- C:\Windows\SysNative\drivers\VX3000.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/12 15:00:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/12 15:00:35 | 000,000,000 | ---D | M] [2010/09/11 15:09:53 | 000,000,000 | ---D | M] -- C:\Users\Ngo\AppData\Roaming\mozilla\Extensions [2010/12/12 11:03:01 | 000,000,000 | ---D | M] -- C:\Users\Ngo\AppData\Roaming\mozilla\Firefox\Profiles\yjysjok6.default\extensions [2010/09/19 18:05:34 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Ngo\AppData\Roaming\mozilla\Firefox\Profiles\yjysjok6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/09/11 16:44:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/09/11 16:44:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/11 16:44:37 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010/09/11 16:17:34 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010/10/22 18:04:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010/10/22 18:04:51 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010/10/22 18:04:51 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010/10/22 18:04:51 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010/10/22 18:04:51 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ngo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ngo\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/12/12 14:46:10 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2010/12/12 14:46:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2010/12/12 14:46:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2010/12/12 14:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010/12/07 17:34:07 | 000,143,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iacenc.dll [2010/12/03 20:03:15 | 000,000,000 | ---D | C] -- C:\Users\Ngo\Documents\Tunngle [2010/12/03 20:03:12 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys [2010/12/03 20:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle [2010/11/27 20:12:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games [2010/11/19 16:54:47 | 000,000,000 | ---D | C] -- C:\Users\Ngo\Documents\Cross Fire [2010/11/16 19:09:51 | 000,000,000 | ---D | C] -- C:\Users\Ngo\AppData\Roaming\Canneverbe Limited [2010/11/16 19:09:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2010/11/16 19:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP ========== Files - Modified Within 30 Days ========== [2010/12/12 15:08:36 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/12/12 15:08:36 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/12/12 15:05:30 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/12/12 15:05:30 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010/12/12 15:05:30 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/12/12 15:05:30 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010/12/12 15:05:30 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/12/12 15:01:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/12/12 15:01:12 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys [2010/12/12 14:59:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2010/12/12 14:46:06 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2010/12/12 14:46:06 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2010/12/12 14:46:06 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2010/12/12 14:46:06 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2010/12/12 12:14:38 | 000,107,815 | ---- | M] () -- C:\Users\Ngo\Desktop\800px-New-Map-Francophone_World.PNG [2010/12/07 20:15:29 | 000,361,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/12/06 18:46:28 | 000,061,151 | ---- | M] () -- C:\Users\Ngo\Documents\44B02FF3d01.pdf [2010/11/28 13:30:15 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/11/27 20:18:27 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\Age of Mythology.lnk [2010/11/15 17:25:54 | 001,960,452 | ---- | M] () -- C:\Users\Ngo\Documents\deutschblatt.jpg ========== Files Created - No Company Name ========== [2010/12/12 12:14:38 | 000,107,815 | ---- | C] () -- C:\Users\Ngo\Desktop\800px-New-Map-Francophone_World.PNG [2010/12/07 17:34:07 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2010/12/06 18:46:42 | 000,061,151 | ---- | C] () -- C:\Users\Ngo\Documents\44B02FF3d01.pdf [2010/11/27 20:18:27 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\Age of Mythology.lnk [2010/11/15 17:24:44 | 001,960,452 | ---- | C] () -- C:\Users\Ngo\Documents\deutschblatt.jpg [2010/09/11 16:33:04 | 000,000,284 | ---- | C] () -- C:\Users\Ngo\AppData\Roaming\wklnhst.dat [2010/05/20 14:26:30 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini [2010/02/10 02:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll < End of report > |
14.12.2010, 11:20 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mauscursor unpräzise Steuerung Hallo und
__________________Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ |
15.12.2010, 16:12 | #3 |
| Mauscursor unpräzise Steuerung es wurde nichts gefunden
__________________Code:
ATTFilter Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Datenbank Version: 5319 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.12.2010 16:08:24 mbam-log-2010-12-15 (16-08-24).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 313547 Laufzeit: 24 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
15.12.2010, 16:32 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Mauscursor unpräzise Steuerung Dann wirst du wohl kaum ein Malwareproblem haben. Die ersten Funde im Java-Cache-Ordner haben sich schon oft als Fehlalarm entpuppt. Was hast du da für eine Maus? Eine optische oder noch mit Kugel? Mal ne andere Maus getestet?
__________________ Logfiles bitte immer in CODE-Tags posten |
15.12.2010, 17:34 | #5 |
| Mauscursor unpräzise Steuerung hm ich glaub lag wohl mehr an der maus. hab mir eine neue gekauft und java update gemacht. scheint wieder alles zu funktioniren. aber das malwarebites ist ja nur ein scanner kein vollwertiges antivirenprogramm oder? danke für die hilfe bis dahin |
Themen zu Mauscursor unpräzise Steuerung |
64-bit, 7-zip, adblock, adobe, antivir, autorun, avgntflt.sys, avira, bho, c:\windows\system32\rundll32.exe, canon, converter, defender, desktop, error, explorer, firefox.exe, flash player, format, home, home premium, ieframe.dll, install.exe, java agent, location, logfile, mausverzögerung, mozilla, mp3, oldtimer, otl.exe, plug-in, programdata, präzise, realtek, registry, rundll, saver, scan, sched.exe, searchplugins, security, server, shell32.dll, shortcut, software, syswow64, virus, webcheck, windows |