| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Schreckliche Gefahr von '007guard.com'!......?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
31.03.2011, 17:19
| #1 |
| |  Schreckliche Gefahr von '007guard.com'!......? Hallo zusammen, ich hoffe es findet sich jemand, der vielleicht Lust hätte, zwei Ahnungslose (mich und mein Laptop) unter die Arme und Kabel zu greifen...  Problemdarstellung: Ich habe vorgestern von Softonic-Seite den Apache-Server heruntergeladen. Bei der Installation von Apache wurde ich aufgefordert den Domainnamen, den Servernamen und Email anzugeben. Nach der Installation hat Apache auf Befehle, wie z.B. Anhalten, Neustarten nirgendwie reagiert. Also, Entscheidung: deinstallieren, Neuinstallation. Bei der erneuten Installation standen in den Namen-Eingabefeldern merkwürdigerweise bereits: Domain: '007guard.com', Server: 'wXw.007guard.com', Email: 'admin@007guard.com'. Hä??? -> Google-> Euer Forum -> Beiträge gelesen, dass '007guard.com' Spyware sei! -> Seit drei Tagen Kopfschmerzen!!!  Was bereits unternommen: 1. Avira Antivir: nichts gefunden. 2. Spybot S&D: nichts gefunden. 3. Ad-Avare: nichts gefunden. 4. Microsoft Windows-Tool zum Entfernen bösartiger Software: sauber. 5. Bei der Google-Suche wurde Sophos als guter Entferner von 007guard.com erwähnt -> Download -> Checken lassen, wer hätte es gedacht: nichts gefunden! 6. In Eurem Forum wurde oft HijackThis vorgeschlagen ->Download ->Logfile erstellt -> gleich auf HijackThis-Seite Onlineauswertung gemacht: nichts großartiges, nur paar fragliche Kleinigkeiten. 7. In einem anderen Forum wurden 'netstat -a' und 'netstat -b' vorgeschlagen -> Gemacht (obwohl keine Ahnung was das soll): bei 'netstat -a' wurden Aktive Verbindungen angezeigt. Daraus konnte ich leider keine Rückschlusse ziehen.netstat -b wollte komischerweise nicht starten, da 'höhere Rechte' bedarf (was für Rechte? Ich bin als Adminstrator angemeldet...  ).8. Bei der Registrierung in Eurem Forum wurde ich aufgefordert das System vorab mit Malwarebytes und OTL durchzuchecken -> Download, gemacht: beide haben nichts gefunden. Wie für Hilfesuchende in den Forumsregeln hier vorgeschrieben, poste ich unten die Logfiles von MWB und OTL. Weitere Überlegungen: 1. Der Ressourcenmonitor zeigt im Netzwerk-Fenster, dass 'wXw.007guard.com' immer mit läuft!  Dabei immer mit den Namen der zwei ausführbaren Prozessdateien: lxbtcoms.exe und lxbtmon.exe und gelegentlich mit dem Prozessdateinamen: firefox.exe. Die Anzahl an gesendeten/empfangenen Bytes/sec (lxbtcoms.exe und lxbtmon.exe) liegt pro Minunte durchschnitlich bei 2 (manchmal bei 10-14). Firefox.exe ist immer bei 0 Bytes/sec.2. Die 'lxbtcoms.exe' und 'lxbtmon.exe' gehören beide zum Verzeichnis Lx_Cats (Dateipfad verfolgt). Dabei wird Lx_Cats laut Google oft als Trojaner identifiziert und wird von Lexmark verwndet, um Druckverhalten auszuspionieren! (?) 'wXw.007guard.com' und Lexmark gehören zusammen??? Also, da die Sache langsam meine geringen  Kompetenzen übersteigt, wollte mich an Euch wenden: - soll '007guard.com' raus oder ist das Ding doch harmlos? - wie könnte man den raus kriegen? - Lexmark-Drucker mit dem Ganzen deinstallieren? Ich hoffe, ich habe nicht zu überfordernd alles beschrieben und dass hier jemand mir helfen könnte. Vielen Dank im VoRaUs! ______________________________________ Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6224 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 31.03.2011 14:38:49 mbam-log-2011-03-31 (14-38-49).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 150957 Laufzeit: 3 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) ______________________________________________OTL Logfile: Code:
ATTFilter OTL logfile created on: 31.03.2011 14:39:39 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,88 Gb Total Space | 76,70 Gb Free Space | 68,55% Space Free | Partition Type: NTFS Drive D: | 111,00 Gb Total Space | 63,96 Gb Free Space | 57,63% Space Free | Partition Type: NTFS Drive F: | 8,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) PRC - C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\perfmon.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) PRC - C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc) PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics) PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) PRC - C:\Programme\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) PRC - C:\Programme\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) PRC - C:\Programme\Lexmark 5200 Series\ezprint.exe (Lexmark International Inc.) PRC - C:\Programme\Lexmark 5200 Series\lxbtmon.exe (Lexmark International, Inc.) PRC - C:\Windows\System32\lxbtcoms.exe ( ) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA) SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (SAVAdminService) -- C:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) SRV - (SAVService) -- C:\Programme\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc) SRV - (Sophos AutoUpdate Service) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe () SRV - (lxbt_device) -- C:\Windows\System32\lxbtcoms.exe ( ) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys () DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (nvoclock) -- C:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.) DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (SAVOnAccess) -- C:\Windows\System32\drivers\savonaccess.sys (Sophos Plc) DRV - (SophosBootDriver) -- C:\Windows\System32\drivers\SophosBootDriver.sys (Sophos Plc) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (s217mdm) -- C:\Windows\System32\drivers\s217mdm.sys (MCCI Corporation) DRV - (s217bus) Sony Ericsson Device 217 driver (WDM) -- C:\Windows\System32\drivers\s217bus.sys (MCCI Corporation) DRV - (s217mdfl) -- C:\Windows\System32\drivers\s217mdfl.sys (MCCI Corporation) DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 32 36 8C 4E EA CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1194&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.03.13 22:52:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.23 19:36:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.23 19:36:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.03.26 02:44:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.9\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.03.26 02:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.03.26 02:45:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.03.26 16:36:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\4p9lzusz.default\extensions [2011.03.23 19:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.05.10 01:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.07 08:52:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.15 22:33:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.22 01:16:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.22 22:12:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- [2010.05.10 01:39:01 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.07 08:52:27 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.15 22:33:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.22 01:16:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.22 22:12:41 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.03.13 22:52:11 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2010.07.21 00:28:39 | 000,411,980 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 14234 more lines... O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5200 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LXBTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL () O4 - HKLM..\Run: [lxbtmon.exe] C:\Program Files\Lexmark 5200 Series\lxbtmon.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [Power2GoExpress] File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008.02.26 19:28:20 | 000,000,047 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{1023f9b1-944a-11df-ba5a-a09072033e11}\Shell - "" = AutoRun O33 - MountPoints2\{1023f9b1-944a-11df-ba5a-a09072033e11}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{5a22b49e-3b70-11df-8283-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5a22b49e-3b70-11df-8283-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{9889f6f9-9d93-11df-8da8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9889f6f9-9d93-11df-8da8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a3872234-9b1c-11df-8d2a-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{a3872234-9b1c-11df-8d2a-001377ad76c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a5a0d07a-2fd8-11e0-8d46-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{a5a0d07a-2fd8-11e0-8d46-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a5a0d0b0-2fd8-11e0-8d46-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{a5a0d0b0-2fd8-11e0-8d46-001377ad76c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{a5a0d0b3-2fd8-11e0-8d46-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{a5a0d0b3-2fd8-11e0-8d46-001377ad76c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{bcfe152b-3443-11e0-bcfc-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{bcfe152b-3443-11e0-bcfc-001377ad76c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{c3216cfb-7286-11df-8d17-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c3216cfb-7286-11df-8d17-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{cbb38d58-3c12-11df-b9c4-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{cbb38d58-3c12-11df-b9c4-001377ad76c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{e97324a4-9450-11df-8d7a-001377ad76c6}\Shell - "" = AutoRun O33 - MountPoints2\{e97324a4-9450-11df-8d7a-001377ad76c6}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2008.02.26 19:28:20 | 000,106,496 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.03.31 14:03:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.03.31 14:03:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.03.31 14:03:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.03.31 13:52:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.03.31 01:15:05 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2011.03.30 16:56:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Sophos [2011.03.30 16:14:40 | 000,130,088 | -H-- | C] (Sophos Plc) -- C:\Windows\System32\46546021.stf [2011.03.30 16:14:40 | 000,130,088 | ---- | C] (Sophos Plc) -- C:\Windows\System32\sdccoinstaller.dll [2011.03.30 16:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos [2011.03.30 16:14:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Cisco Systems [2011.03.30 16:14:11 | 000,023,552 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SophosBootTasks.exe [2011.03.30 16:14:00 | 000,000,000 | ---D | C] -- C:\Programme\Sophos [2011.03.30 16:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos [2011.03.30 16:11:31 | 000,020,288 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\SophosBootDriver.sys [2011.03.30 16:11:30 | 000,085,312 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\savonaccess.sys [2011.03.30 16:11:24 | 000,000,000 | ---D | C] -- C:\stdtsa [2011.03.30 14:52:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\This.exe [2011.03.30 02:34:38 | 000,000,000 | ---D | C] -- C:\PHPMyAdmin [2011.03.30 02:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL [2011.03.30 02:30:51 | 000,000,000 | ---D | C] -- C:\Programme\MySQL [2011.03.30 02:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL [2011.03.30 02:19:42 | 000,000,000 | ---D | C] -- C:\Programme\Apache Software Foundation [2011.03.30 02:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHP 5 [2011.03.30 02:02:46 | 000,000,000 | ---D | C] -- C:\Programme\PHP [2011.03.30 01:07:35 | 000,000,000 | ---D | C] -- C:\Joomla_1.5.22-Stable-Full_Package_German [2011.03.30 00:58:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XAMPP for Windows [2011.03.30 00:52:56 | 000,000,000 | ---D | C] -- C:\Programme\XAMPP [2011.03.26 18:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner [2011.03.26 18:30:16 | 000,101,504 | R--- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys [2011.03.26 18:30:16 | 000,023,424 | R--- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys [2011.03.26 02:45:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.03.26 02:45:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Thunderbird [2011.03.26 02:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird [2011.03.26 02:44:46 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird [2011.03.25 02:49:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\BVRP Software [2011.03.25 02:48:48 | 000,000,000 | ---D | C] -- C:\Programme\Avanquest update [2011.03.25 02:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Phone Tools [2011.03.25 02:47:45 | 000,000,000 | ---D | C] -- C:\Programme\Motorola Phone Tools [2011.03.25 02:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software [2011.03.25 00:20:20 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mfc42loc.dll [2011.03.25 00:19:57 | 000,092,064 | ---- | C] (MCCI) -- C:\Users\***\mqdmmdm.sys [2011.03.25 00:19:57 | 000,079,328 | ---- | C] (MCCI) -- C:\Users\***\mqdmserd.sys [2011.03.25 00:19:57 | 000,066,656 | ---- | C] (MCCI) -- C:\Users\***\mqdmbus.sys [2011.03.25 00:19:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Users\***\usbsermptxp.sys [2011.03.25 00:19:57 | 000,009,232 | ---- | C] (MCCI) -- C:\Users\***\mqdmmdfl.sys [2011.03.25 00:19:57 | 000,006,208 | ---- | C] (MCCI) -- C:\Users\***\mqdmcmnt.sys [2011.03.25 00:19:57 | 000,005,936 | ---- | C] (MCCI) -- C:\Users\***\mqdmwhnt.sys [2011.03.25 00:19:57 | 000,004,048 | ---- | C] (MCCI) -- C:\Users\***\mqdmcr.sys [2011.03.25 00:19:56 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Users\***\usbsermpt.sys [2011.03.24 16:32:19 | 000,000,000 | ---D | C] -- C:\Programme\GimpZusatz [2011.03.24 15:40:06 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\gegl-0.0 [2011.03.24 05:40:12 | 000,000,000 | ---D | C] -- C:\Programme\Inkscape [2011.03.24 05:29:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMPshop [2011.03.24 05:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMPshop [2011.03.24 05:28:39 | 000,000,000 | ---D | C] -- C:\Programme\GIMPshop [2011.03.24 05:25:29 | 000,000,000 | ---D | C] -- C:\Programme\gimp-painter- [2011.03.24 05:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtRage 2 Starter Edition [2011.03.24 05:15:38 | 000,000,000 | ---D | C] -- C:\Programme\Ambient Design [2011.03.24 05:05:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\IsolatedStorage [2011.03.24 05:05:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Screenbrush [2011.03.24 05:05:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Screenbrush_GmbH [2011.03.24 05:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screenbrush [2011.03.24 05:05:14 | 000,000,000 | ---D | C] -- C:\Programme\Screenbrush [2011.03.24 05:01:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GimPhoto [2011.03.24 05:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GimPhoto [2011.03.24 05:01:17 | 000,000,000 | ---D | C] -- C:\Programme\GimPhoto 1.4.3 [2011.03.24 04:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.03.24 04:40:58 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0 [2011.03.24 04:37:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Analyzer [2011.03.24 04:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Analyzer [2011.03.24 04:37:33 | 000,000,000 | ---D | C] -- C:\Programme\MeeSoft [2011.03.24 04:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape [2011.03.24 04:35:57 | 000,000,000 | ---D | C] -- C:\Programme\PhotoScape [2011.03.24 04:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoCardMaker [2011.03.24 04:18:58 | 000,000,000 | ---D | C] -- C:\Programme\PhotoCardMaker [2011.03.24 04:13:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Debugmode [2011.03.24 04:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode [2011.03.24 04:13:27 | 000,000,000 | ---D | C] -- C:\Programme\DebugMode [2011.03.24 03:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\merge [2011.03.24 03:53:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\(app) [2011.03.24 03:53:47 | 000,000,000 | ---D | C] -- C:\Programme\Merge [2011.03.24 02:45:39 | 000,000,000 | ---D | C] -- C:\Users\***\Pavark [2011.03.24 02:38:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2011.03.24 02:38:20 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Panda Security [2011.03.24 02:38:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SurfSecret Privacy Suite [2011.03.24 02:35:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security [2011.03.24 02:35:03 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security [2011.03.24 01:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura [2011.03.24 01:43:19 | 000,000,000 | ---D | C] -- C:\Programme\Aura [2011.03.24 01:42:30 | 000,000,000 | ---D | C] -- C:\Aura Program [2011.03.24 01:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D [2011.03.24 01:18:34 | 000,000,000 | ---D | C] -- C:\Programme\Sweet Home 3D [2011.03.24 00:28:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\OneNote-Notizbücher [2011.03.18 03:04:27 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe [2011.03.18 02:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.03.13 22:52:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\xing shared [2011.03.13 22:52:06 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2011.03.13 22:51:53 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2011.03.13 22:51:53 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2011.03.13 22:51:51 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2011.03.13 22:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real [2011.03.13 22:51:40 | 000,000,000 | ---D | C] -- C:\Programme\Real [2011.03.13 22:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2011.03.13 22:51:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Real [2011.03.12 17:31:54 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Roaming\.# [2011.03.12 17:31:11 | 000,000,000 | ---D | C] -- C:\Programme\BMWi Rechtsform [2011.03.08 23:57:18 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.03.08 23:57:17 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.03.08 23:57:15 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2011.03.08 23:57:14 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2011.03.08 23:57:14 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2011.03.08 23:57:14 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2011.03.06 19:09:32 | 000,000,000 | ---D | C] -- C:\Windows\WinClon [2010.04.02 09:53:55 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbtinpa.dll [2010.04.02 09:53:55 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbtiesc.dll [2010.04.02 09:53:55 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxbthcp.dll [2010.04.02 09:53:54 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbtserv.dll [2010.04.02 09:53:54 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbtusb1.dll [2010.04.02 09:53:54 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbtpmui.dll [2010.04.02 09:53:54 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbtprox.dll [2010.04.02 09:53:54 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbtpplc.dll [2010.04.02 09:53:53 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbthbn3.dll [2010.04.02 09:53:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbtlmpm.dll [2010.04.02 09:53:53 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbtih.exe [2010.04.02 09:53:52 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomc.dll [2010.04.02 09:53:52 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbtcoms.exe [2010.04.02 09:53:52 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomm.dll [2010.04.02 09:53:52 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbtcfg.exe [2006.11.24 07:14:44 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll [2006.11.24 07:14:44 | 000,126,976 | ---- | C] ( ) -- C:\Windows\System32\MACSSDK.dll ========== Files - Modified Within 30 Days ========== [2011.03.31 13:52:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2011.03.31 12:49:47 | 000,001,246 | ---- | M] () -- C:\Users\***\Desktop\Spybot - Search & Destroy.lnk [2011.03.31 12:32:44 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.03.31 12:32:44 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.03.31 12:30:52 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.03.31 12:30:52 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.03.31 12:30:52 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.03.31 12:30:52 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.03.31 12:23:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.03.31 12:23:45 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys [2011.03.31 01:14:26 | 000,007,614 | ---- | M] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2011.03.30 16:46:08 | 000,000,000 | -H-- | M] () -- C:\Users\***\Documents\Default.rdp [2011.03.30 16:15:30 | 000,000,951 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2011.03.30 14:52:17 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\This.exe [2011.03.30 01:06:14 | 007,131,508 | ---- | M] () -- C:\Joomla_1.5.22-Stable-Full_Package_German.zip [2011.03.30 00:59:51 | 000,001,844 | ---- | M] () -- C:\Users\***\Desktop\XAMPP Control Panel.lnk [2011.03.27 23:15:53 | 000,324,822 | ---- | M] () -- C:\Users\***\Desktop\pp.xps [2011.03.26 18:30:22 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2011.03.26 02:44:54 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.03.25 02:47:36 | 000,092,064 | ---- | M] (MCCI) -- C:\Users\***\mqdmmdm.sys [2011.03.25 02:47:36 | 000,079,328 | ---- | M] (MCCI) -- C:\Users\***\mqdmserd.sys [2011.03.25 02:47:36 | 000,066,656 | ---- | M] (MCCI) -- C:\Users\***\mqdmbus.sys [2011.03.25 02:47:36 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Users\***\usbsermptxp.sys [2011.03.25 02:47:36 | 000,022,768 | ---- | M] (Microsoft Corporation) -- C:\Users\***\usbsermpt.sys [2011.03.25 02:47:36 | 000,009,913 | ---- | M] () -- C:\Users\***\MCCI_MDM.INF [2011.03.25 02:47:36 | 000,009,232 | ---- | M] (MCCI) -- C:\Users\***\mqdmmdfl.sys [2011.03.25 02:47:36 | 000,009,232 | ---- | M] () -- C:\Users\***\USB_MOT_BRIT.INF [2011.03.25 02:47:36 | 000,007,201 | ---- | M] () -- C:\Users\***\USBMOT2000.INF [2011.03.25 02:47:36 | 000,006,989 | ---- | M] () -- C:\Users\***\MCCI_BUS.INF [2011.03.25 02:47:36 | 000,006,208 | ---- | M] (MCCI) -- C:\Users\***\mqdmcmnt.sys [2011.03.25 02:47:36 | 000,006,141 | ---- | M] () -- C:\Users\***\USBMOT2000XP.INF [2011.03.25 02:47:36 | 000,005,960 | ---- | M] () -- C:\Users\***\USB_MOT_A1000.INF [2011.03.25 02:47:36 | 000,005,936 | ---- | M] (MCCI) -- C:\Users\***\mqdmwhnt.sys [2011.03.25 02:47:36 | 000,005,880 | ---- | M] () -- C:\Users\***\USB_CMCS_2000.INF [2011.03.25 02:47:36 | 000,004,477 | ---- | M] () -- C:\Users\***\MCCI_SDM.INF [2011.03.25 02:47:36 | 000,004,048 | ---- | M] (MCCI) -- C:\Users\***\mqdmcr.sys [2011.03.25 02:40:21 | 000,009,913 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (7) [2011.03.25 02:39:56 | 000,004,477 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (6) [2011.03.25 02:39:32 | 000,006,989 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (5) [2011.03.25 02:39:00 | 000,009,232 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (4) [2011.03.25 02:38:27 | 000,005,960 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (3) [2011.03.25 02:37:58 | 000,006,141 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie (2) [2011.03.25 02:37:02 | 000,005,880 | ---- | M] () -- C:\Users\***\1301014055-(null) - Kopie [2011.03.25 02:36:24 | 000,007,201 | ---- | M] () -- C:\Users\***\1301014055-(null) [2011.03.25 02:16:34 | 000,016,476 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie [2011.03.25 00:25:52 | 000,009,913 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie (6) [2011.03.25 00:25:20 | 000,004,477 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie (5) [2011.03.25 00:24:20 | 000,006,989 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie (4) [2011.03.25 00:23:32 | 000,009,232 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie (3) [2011.03.25 00:22:51 | 000,005,960 | ---- | M] () -- C:\Users\***\1301013339-(null) - Kopie (2) [2011.03.25 00:22:31 | 000,006,141 | ---- | M] () -- C:\Users\***\1301013339-(null) [2011.03.25 00:22:08 | 000,005,880 | ---- | M] () -- C:\Users\***\1301013338-(null) - Kopie [2011.03.25 00:21:26 | 000,007,201 | ---- | M] () -- C:\Users\***\1301013338-(null) [2011.03.24 16:16:07 | 000,000,930 | ---- | M] () -- C:\Users\***\Desktop\run_gimp - Verknüpfung.lnk [2011.03.23 19:36:32 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.03.18 03:04:59 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.17 02:51:29 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.03.14 03:10:44 | 000,001,499 | ---- | M] () -- C:\Users\***\Desktop\BMWi - Verknüpfung.lnk [2011.03.13 22:52:06 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2011.03.13 22:51:53 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2011.03.13 22:51:53 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2011.03.13 22:51:51 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll ========== Files Created - No Company Name ========== [2011.03.30 21:17:52 | 000,007,614 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2011.03.30 16:46:08 | 000,000,000 | -H-- | C] () -- C:\Users\***\Documents\Default.rdp [2011.03.30 16:15:30 | 000,000,951 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2011.03.30 01:05:25 | 007,131,508 | ---- | C] () -- C:\Joomla_1.5.22-Stable-Full_Package_German.zip [2011.03.30 00:58:12 | 000,001,844 | ---- | C] () -- C:\Users\***\Desktop\XAMPP Control Panel.lnk [2011.03.27 23:15:51 | 000,324,822 | ---- | C] () -- C:\Users\***\Desktop\pp.xps [2011.03.26 18:30:22 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk [2011.03.26 02:44:54 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.03.25 02:47:35 | 000,009,913 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (7) [2011.03.25 02:47:35 | 000,009,232 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (4) [2011.03.25 02:47:35 | 000,007,201 | ---- | C] () -- C:\Users\***\1301014055-(null) [2011.03.25 02:47:35 | 000,006,989 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (5) [2011.03.25 02:47:35 | 000,006,141 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (2) [2011.03.25 02:47:35 | 000,005,960 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (3) [2011.03.25 02:47:35 | 000,005,880 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie [2011.03.25 02:47:35 | 000,004,477 | ---- | C] () -- C:\Users\***\1301014055-(null) - Kopie (6) [2011.03.25 02:35:39 | 000,016,476 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie [2011.03.25 02:35:39 | 000,009,913 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie (6) [2011.03.25 02:35:39 | 000,009,232 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie (3) [2011.03.25 02:35:39 | 000,006,989 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie (4) [2011.03.25 02:35:39 | 000,006,141 | ---- | C] () -- C:\Users\***\1301013339-(null) [2011.03.25 02:35:39 | 000,005,960 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie (2) [2011.03.25 02:35:39 | 000,004,477 | ---- | C] () -- C:\Users\***\1301013339-(null) - Kopie (5) [2011.03.25 02:35:38 | 000,007,201 | ---- | C] () -- C:\Users\***\1301013338-(null) [2011.03.25 02:35:38 | 000,005,880 | ---- | C] () -- C:\Users\***\1301013338-(null) - Kopie [2011.03.25 00:19:57 | 000,009,913 | ---- | C] () -- C:\Users\***\MCCI_MDM.INF [2011.03.25 00:19:57 | 000,009,232 | ---- | C] () -- C:\Users\***\USB_MOT_BRIT.INF [2011.03.25 00:19:57 | 000,006,989 | ---- | C] () -- C:\Users\***\MCCI_BUS.INF [2011.03.25 00:19:57 | 000,006,141 | ---- | C] () -- C:\Users\***\USBMOT2000XP.INF [2011.03.25 00:19:57 | 000,005,960 | ---- | C] () -- C:\Users\***\USB_MOT_A1000.INF [2011.03.25 00:19:57 | 000,005,880 | ---- | C] () -- C:\Users\***\USB_CMCS_2000.INF [2011.03.25 00:19:57 | 000,004,477 | ---- | C] () -- C:\Users\***\MCCI_SDM.INF [2011.03.25 00:19:56 | 000,007,201 | ---- | C] () -- C:\Users\***\USBMOT2000.INF [2011.03.24 16:16:07 | 000,000,930 | ---- | C] () -- C:\Users\***\Desktop\run_gimp - Verknüpfung.lnk [2011.03.24 05:46:14 | 000,001,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk [2011.03.23 19:36:32 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.03.18 03:04:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.03.18 03:04:59 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.14 03:10:44 | 000,001,499 | ---- | C] () -- C:\Users\***\Desktop\BMWi - Verknüpfung.lnk [2011.01.23 22:10:40 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2010.08.30 02:26:51 | 000,000,070 | ---- | C] () -- C:\Windows\WinInit.Ini [2010.04.02 09:53:55 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxbtinst.dll [2010.03.30 03:28:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.30 03:00:04 | 000,001,612 | ---- | C] () -- C:\Windows\HotFixList.ini [2010.03.30 02:57:07 | 000,000,135 | R--- | C] () -- C:\Windows\System32\lngEng.ini [2010.03.30 02:57:07 | 000,000,117 | ---- | C] () -- C:\Windows\System32\lngKor.ini [2010.03.30 02:47:57 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2010.03.30 01:25:51 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe [2010.03.16 20:45:52 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2009.08.23 21:41:22 | 000,197,424 | ---- | C] () -- C:\Windows\System32\vpnapi.dll [2009.07.14 10:47:43 | 000,654,166 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,130,006 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,385,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007.02.26 16:49:12 | 006,139,774 | ---- | C] () -- C:\Windows\imagine digital freedom.dat [2007.02.22 18:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbtcoin.dll [2007.02.15 09:51:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\NDADLL.dll [2006.11.29 10:00:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\MAWebControl.exe [2006.11.29 10:00:28 | 000,307,200 | ---- | C] () -- C:\Windows\System32\LDBGenWizView.dll [2006.10.09 03:01:28 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll [2005.08.18 06:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbtvs.dll [2005.05.25 09:07:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbtcnv4.dll < End of report > ___________________________________________OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 31.03.2011 14:39:39 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,88 Gb Total Space | 76,70 Gb Free Space | 68,55% Space Free | Partition Type: NTFS
Drive D: | 111,00 Gb Total Space | 63,96 Gb Free Space | 57,63% Space Free | Partition Type: NTFS
Drive F: | 8,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{034759DA-E21A-4795-BFB3-C66D17FAD183}" = Sophos Anti-Virus
"{08B785C1-3893-4154-B53B-F5D341D0AAAA}" = Cisco Systems VPN Client 5.0.06.0110
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{2767A976-0FC8-350F-FA4E-31F6447AC14C}" = BMWi Zeiterfassung 1.5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{394C2C3E-CA18-4216-B430-ACDD82C26973}" = ArtRage 2 Starter Edition
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CD4C30E-BD82-4592-B64A-8AD9784ECA9F}" = BMWi-Softwarepaket 10
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"{51DDFE79-3B2B-4AC7-8CAD-803D7D0DF6DD}" = MySQL Server 6.0
"{525BA381-389C-4975-BDD3-C36DCF66D5BD}" = BMWi Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7877F795-2C57-4DE8-A96D-DBD52373D89E}" = BMWi-Interaktive Programme
"{79846AA4-622E-5B48-18B2-02F53F423DFE}" = BMWi-Businessplaner Fuehren
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C1CE7EE2-8BCE-4F22-85C0-58331E33621E}" = Motorola Phone Tools
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E24242E3-A4FF-FC3C-05F2-C83A9C821971}" = BMWi-Businessplaner Gruenden
"{E24BF4D7-690E-4B51-9F5F-D1E0D22C5751}" = PHP 5.3.6
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{ED06FF37-178B-47EC-8C39-8152A1DD645C}" = Screenbrush 1.2.5
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aura" = Aura
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BMWi Updater" = BMWi Updater
"BMWiBusinessplanerFuehren" = BMWi-Businessplaner Fuehren
"BMWiBusinessplanerGruenden" = BMWi-Businessplaner Gruenden
"BMWi-Softwarepaket 10" = BMWi-Softwarepaket 10
"DebugMode Wink" = DebugMode Wink
"DivX Setup.divx.com" = DivX-Setup
"FileZilla Client" = FileZilla Client 3.3.4.1
"GimPhoto" = GimPhoto 1.4.3
"GIMPshop" = GIMPshop 2.2.8
"HUAWEI DataCard Driver" = HUAWEI DataCard Driver 4.05.00.00
"Image Analyzer" = Image Analyzer
"Inkscape" = Inkscape 0.48.1
"InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{955597D8-E5E1-474D-B647-60AC44566D24}" = Play AVStation
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"Lexmark 5200 Series" = Lexmark 5200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"merge_is1" = Merge Version 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9)
"NetObjects Fusion Essentials" = NetObjects Fusion Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoCardMaker_is1" = PhotoCardMaker 1.0.2
"PhotoScape" = PhotoScape
"RealPlayer 12.0" = RealPlayer
"Sweet Home 3D_is1" = Sweet Home 3D version 3.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinGimp-2.0_is1" = GIMP 2.6.10
"Zeiterfassung.6E382B54F302B7E9C6B2FE0F7306F12B647405FB.1" = BMWi Zeiterfassung 1.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 06.02.2011 20:00:28 | Computer Name = *** | Source = RasClient | ID = 20227
Description =
Error - 06.02.2011 20:00:33 | Computer Name = *** | Source = RasClient | ID = 20227
Description =
Error - 08.02.2011 13:23:32 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
ist ungültig.
Error - 08.02.2011 13:25:47 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 11.02.2011 13:07:57 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
ist ungültig.
Error - 11.02.2011 13:10:10 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 11.02.2011 16:18:30 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.9.2.3989,
Zeitstempel: 0x4cf9293f Name des fehlerhaften Moduls: Updater.api_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4c9b3922 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6ed5da0f
ID
des fehlerhaften Prozesses: 0xea8 Startzeit der fehlerhaften Anwendung: 0x01cbc9e92b096b9c
Pfad
der fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe Pfad des
fehlerhaften Moduls: Updater.api Berichtskennung: 16f63df5-361c-11e0-913c-001377ad76c6
Error - 12.02.2011 04:27:58 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: EMMSN.exe, Version: 8.6.5.334, Zeitstempel:
0x4cf52408 Name des fehlerhaften Moduls: EMMSN.exe, Version: 8.6.5.334, Zeitstempel:
0x4cf52408 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0007c2ce ID des fehlerhaften Prozesses:
0xa28 Startzeit der fehlerhaften Anwendung: 0x01cbca8c909cc552 Pfad der fehlerhaften
Anwendung: C:\Program Files\o2\Mobile Connection Manager\EMMSN.exe Pfad des fehlerhaften
Moduls: C:\Program Files\o2\Mobile Connection Manager\EMMSN.exe Berichtskennung:
fed77bef-3681-11e0-9106-001377ad76c6
Error - 14.02.2011 18:42:10 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\BMWi\BMWi
Updater\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element
ist ungültig.
Error - 14.02.2011 18:44:19 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot
- search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs
im assemblyIdentity-Element ist ungültig.
[ Media Center Events ]
Error - 19.04.2010 07:33:07 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 13:33:07 - Fehler beim Herstellen der Internetverbindung. 13:33:07
- Serververbindung konnte nicht hergestellt werden..
Error - 19.04.2010 07:33:17 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 13:33:12 - Fehler beim Herstellen der Internetverbindung. 13:33:12
- Serververbindung konnte nicht hergestellt werden..
Error - 03.05.2010 16:54:41 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 22:54:41 - Fehler beim Herstellen der Internetverbindung. 22:54:41
- Serververbindung konnte nicht hergestellt werden..
Error - 03.05.2010 16:54:50 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 22:54:46 - Fehler beim Herstellen der Internetverbindung. 22:54:46
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2010 17:11:03 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 23:11:03 - Fehler beim Herstellen der Internetverbindung. 23:11:03
- Serververbindung konnte nicht hergestellt werden..
Error - 14.05.2010 17:11:15 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 23:11:09 - Fehler beim Herstellen der Internetverbindung. 23:11:09
- Serververbindung konnte nicht hergestellt werden..
Error - 20.05.2010 15:52:27 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 21:52:27 - Fehler beim Herstellen der Internetverbindung. 21:52:27
- Serververbindung konnte nicht hergestellt werden..
Error - 20.05.2010 15:52:36 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 21:52:32 - Fehler beim Herstellen der Internetverbindung. 21:52:32
- Serververbindung konnte nicht hergestellt werden..
Error - 27.05.2010 16:39:37 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 22:39:37 - Fehler beim Herstellen der Internetverbindung. 22:39:37
- Serververbindung konnte nicht hergestellt werden..
Error - 27.05.2010 16:39:49 | Computer Name = *** | Source = MCUpdate | ID = 0
Description = 22:39:43 - Fehler beim Herstellen der Internetverbindung. 22:39:43
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 25.03.2011 04:57:17 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{51472FB2-54A6-406D-BDA9-6735134C0CB4} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 25.03.2011 09:11:40 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{51472FB2-54A6-406D-BDA9-6735134C0CB4} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 26.03.2011 07:19:56 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{51472FB2-54A6-406D-BDA9-6735134C0CB4} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 30.03.2011 10:15:34 | Computer Name = *** | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Sophos AutoUpdate Service" ist als interaktiver Dienst
gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 30.03.2011 10:44:11 | Computer Name = *** | Source = DCOM | ID = 10016
Description =
Error - 30.03.2011 10:44:35 | Computer Name = *** | Source = DCOM | ID = 10016
Description =
Error - 30.03.2011 10:44:53 | Computer Name = *** | Source = DCOM | ID = 10016
Description =
Error - 30.03.2011 19:15:47 | Computer Name = *** | Source = DCOM | ID = 10016
Description =
Error - 30.03.2011 19:15:56 | Computer Name = *** | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Sophos Anti-Virus" wurde mit folgendem Fehler beendet:
%%-2147467259
Error - 30.03.2011 19:15:56 | Computer Name = *** | Source = SAVOnAccess | ID = 3997733
Description = Treiber-Threads sind noch aktiv, wenn der Treiber heruntergefahren
wird.
< End of report >
|
| Themen zu Schreckliche Gefahr von '007guard.com'!......? |
| 007guard.com, ad-aware, antivir, autorun, avgntflt.sys, avira, bho, cloud, document, email, entfernen, error, excel.exe, fehler, flash player, hijack, hijackthis, home, install.exe, installation, langsam, lexmark, location, logfile, media center, microsoft office word, mozilla, mozilla thunderbird, netstat, nicht starten, nvlddmkm.sys, oldtimer, otl.exe, plug-in, progressive, registry, ressourcenmonitor, richtlinie, safer networking, saver, searchplugins, senden, shell32.dll, software, spybot, spyware, start menu, studio, system, taskhost.exe, trojaner, usb, visual studio, webcheck, windows-tool |
Baum-Darstellung