
Pests of all kinds and how to combat them: System problems after a Trojan infection


06.04.2011, 18:48   #1
lilafepi
 



Thanks, Arne!

Here are the OTL scans:
OTL logfile:
Code:
OTL logfile created on: 06.04.2011 19:30:49 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\###\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,09 Gb Total Space | 183,12 Gb Free Space | 65,85% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 12,12 Gb Free Space | 60,63% Space Free | Partition Type: FAT32
 
Computer Name: PC5 | User Name: ### | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\###\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Programme\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\###\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NBService) --  File not found
SRV - (FirebirdServerMAGIXInstance) --  File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (LBTServ) -- C:\Programme\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (LMouKE) -- C:\Windows\System32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\Windows\System32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (NCHSSVAD) -- C:\Windows\System32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.)
DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Wetter WetterOnline Wettervorhersage Aktuelles Wetter Regenradar Reisewetter
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.wetteronline.de/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.05 22:33:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.05 22:33:57 | 000,000,000 | ---D | M]
 
[2011.04.03 00:48:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\###\AppData\Roaming\mozilla\Extensions
[2011.04.03 00:47:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
[2010.03.24 23:06:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\###\APPDATA\LOCAL\{02118E83-49C5-44F8-B668-2F94499EC828}
[2009.08.20 19:05:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -  File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ALDI_SUED_FotoSuite_Download]  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EEventManager] C:\Programme\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Nxokorawum]  File not found
O4 - HKCU..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2EF98DE5-183F-11D4-83EC-EC6A1DB6E213} hxxp://www.dynageo.de/download/dynageoviewer.cab (DynaGeoX Element)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} -  File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\jrfbdkrd\rxwnnkbt.exe) - C:\Programme\jrfbdkrd\rxwnnkbt.exe ()
O20 - Winlogon\Notify\gmecoss: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Osterferien 2009\IMG_2995.JPG
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Osterferien 2009\IMG_2995.JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0b0b635a-fde1-11de-ad5f-0019dbaa66d6}\Shell\1\Command - "" = .\recycled\info.exe
O33 - MountPoints2\{0b0b635a-fde1-11de-ad5f-0019dbaa66d6}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\recycled\info.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.06 19:29:42 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\###\Desktop\OTL.exe
[2011.04.05 18:02:37 | 000,000,000 | ---D | C] -- C:\Programme\jrfbdkrd
[2011.04.04 23:15:04 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\###\Desktop\Erunt-setup.exe
[2011.04.04 22:56:57 | 000,000,000 | ---D | C] -- C:\Users\###\AppData\Roaming\Malwarebytes
[2011.04.04 22:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.04 22:56:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.04 22:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.04 22:56:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.04 22:56:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.03 00:48:02 | 000,000,000 | ---D | C] -- C:\Users\###\AppData\Roaming\Mozilla
[2011.04.01 17:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.04.01 17:41:56 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.04.01 17:41:54 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.04.01 17:40:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.03.29 18:04:18 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.03.29 17:44:47 | 000,000,000 | ---D | C] -- C:\Users\###\AppData\Local\{02118E83-49C5-44F8-B668-2F94499EC828}
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.06 19:30:07 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7C2A7A38-43F2-48CC-8BC5-39FA38BC2272}.job
[2011.04.06 19:30:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D5E5568D-8ED7-4DCC-8A39-16EA5E01CB39}.job
[2011.04.06 19:30:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F1B4121B-B4F4-430B-A585-F72CE81C3EE1}.job
[2011.04.06 19:29:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\###\Desktop\OTL.exe
[2011.04.06 19:25:31 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.06 19:25:31 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.06 19:25:31 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.06 19:25:31 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.06 19:19:56 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.06 19:09:15 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.04.06 19:06:00 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.06 19:06:00 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.06 19:05:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.06 19:05:40 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.06 10:00:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.04 23:15:32 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\###\Desktop\Erunt-setup.exe
[2011.04.04 22:56:48 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.04 22:21:52 | 000,000,120 | ---- | M] () -- C:\Users\###\AppData\Local\Uvayec.dat
[2011.04.04 18:20:46 | 000,377,280 | ---- | M] () -- C:\Users\###\Desktop\Load.exe
[2011.04.04 18:04:19 | 000,000,000 | ---- | M] () -- C:\Users\###\AppData\Local\Obevewobeyitam.bin
[2011.04.03 00:47:50 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.04.02 21:41:20 | 000,456,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.01 17:43:35 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.04.01 17:32:04 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011.03.16 19:12:05 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.03.12 15:12:28 | 000,047,616 | ---- | M] () -- C:\Users\###\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.04.04 22:56:48 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.04 18:20:36 | 000,377,280 | ---- | C] () -- C:\Users\###\Desktop\Load.exe
[2011.04.03 00:47:50 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.03 00:47:50 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.04.01 17:43:35 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.03.29 17:44:49 | 000,000,120 | ---- | C] () -- C:\Users\###\AppData\Local\Uvayec.dat
[2011.03.29 17:44:49 | 000,000,000 | ---- | C] () -- C:\Users\###\AppData\Local\Obevewobeyitam.bin
[2011.03.22 23:38:15 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2009.05.14 18:51:15 | 000,004,096 | -H-- | C] () -- C:\Users\###\AppData\Local\keyfile3.drm
[2009.05.11 23:19:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.05.11 22:57:43 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2009.05.11 22:51:33 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.05.10 17:37:15 | 000,075,043 | ---- | C] () -- C:\Users\###\AppData\Roaming\mdbu.bin
[2009.05.10 17:26:35 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.05.05 11:33:37 | 000,000,760 | ---- | C] () -- C:\Users\###\AppData\Roaming\setup_ldm.iss
[2008.02.10 23:36:29 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008.02.10 23:36:29 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008.02.10 23:36:29 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008.02.10 23:36:29 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008.02.10 23:36:29 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008.02.10 23:36:29 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008.02.10 23:36:29 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008.02.10 23:36:29 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008.02.10 23:36:29 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008.02.10 23:36:29 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008.02.10 23:36:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008.02.10 23:36:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008.02.10 23:36:29 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008.02.10 23:36:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008.02.10 23:36:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008.02.10 23:36:29 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008.02.10 23:36:29 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008.02.10 23:36:29 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008.02.10 23:36:29 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.02.10 23:35:33 | 000,065,793 | ---- | C] () -- C:\Windows\System32\esfw66.bin
[2008.02.10 23:35:24 | 000,000,027 | ---- | C] () -- C:\Windows\CDE V10V100V350EFGD.ini
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007.09.05 22:20:44 | 000,047,616 | ---- | C] () -- C:\Users\###\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.07.31 01:14:28 | 000,000,000 | ---- | C] () -- C:\Users\###\AppData\Roaming\wklnhst.dat
[2007.06.26 11:37:21 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2007.06.26 11:37:21 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2007.06.22 11:28:13 | 001,018,748 | ---- | C] () -- C:\Windows\System32\nvucode.bin
[2007.06.22 10:57:55 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.06.21 12:34:37 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007.06.20 16:15:08 | 000,000,199 | ---- | C] () -- C:\Windows\WISO.INI
[2007.06.13 15:38:14 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2007.05.07 15:47:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2006.12.11 06:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:33:31 | 000,651,112 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,120,908 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,456,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,618,272 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,107,416 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.09.20 07:34:10 | 000,000,000 | ---- | C] () -- C:\Windows\Buhl.ini
[2003.08.29 11:24:02 | 000,094,274 | ---- | C] () -- C:\Windows\System32\HPBHEALR.DLL

< End of report >
         
--- --- ---

...and here is number two:
OTL logfile:
Code:
OTL Extras logfile created on: 06.04.2011 19:30:49 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\###\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,09 Gb Total Space | 183,12 Gb Free Space | 65,85% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 12,12 Gb Free Space | 60,63% Space Free | Partition Type: FAT32
 
Computer Name: PC5 | User Name: ### | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24A4C0FA-F6F7-4074-8959-B9D172A63F2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{49CF92CC-07B0-40C4-9B60-BC476B5CAC05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4B430847-2E10-4777-8E37-271FEA8D6DD4}" = lport=139 | protocol=6 | dir=in | app=system | 
"{7B1EF08D-4852-40AA-804E-0F43A9798584}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7C3F5343-3849-43BA-A032-27ED444DFF83}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8F024B95-508F-4590-80BF-97FF0EC537DE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{C2000EB0-02AD-43CF-ADEA-098FC6548900}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C6050439-0EAD-4950-AA43-691EDA6E14C7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D85F604B-F468-4C06-ADF4-6B222754D2AF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F467A64A-15B1-448F-ADD8-8791ABC4A426}" = lport=445 | protocol=6 | dir=in | app=system | 
"{FC259F95-D04F-45B3-B6D5-952B746BAE3E}" = rport=137 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FA8FDE2-F384-4B1D-A695-2B647DDF8588}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{24D4EECD-4115-4D39-AB72-F99415B781AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{52652B72-1198-4DEF-8791-DB5377EAF945}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{62B66B24-11D1-42E5-A5FE-BF22FA352D4F}" = dir=in | app=c:\program files\home cinema\powerdvd\powerdvd.exe | 
"{649DDD61-A8EF-4F25-9E0F-5B2D8B673514}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{69E40F8B-D1F8-48D5-973E-32F6EFD84C29}" = dir=in | app=c:\program files\home cinema\powerdirector\pdr.exe | 
"{6F90DC98-FEE0-435B-A2FF-C7D3A7E9F00D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{75CE2114-0B4C-4845-98F5-7ED3707F6C36}" = protocol=6 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe | 
"{7A3FAD7D-B58E-4BAE-B2A8-F6D0BDAE2596}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7E0D437B-62E2-4FE8-BD13-D51C010DDB52}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A85F6BCC-6D72-4BB2-A173-7DF0B87833D6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{AB5BA8C0-28B4-4FD8-A33E-D92E7EA28118}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C04C4F6C-664F-4B9F-BAFE-780241C42443}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C31270C1-4BD9-49C6-ABD9-72127A2239C4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C4BD3073-B31C-413F-9BFB-167340F16B04}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C5621B07-223B-4EEC-8893-F8BEBD16D675}" = protocol=17 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe | 
"{CECCDD47-6BA4-44C0-A33F-0D5B16A1A7E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E66A58CF-34F9-491F-944D-D843EB8B1A9A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{ED929A2B-9F5B-4256-B23E-13497663FCFF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F52015BA-737D-428C-9C4A-2C1884CC5427}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{F6FBFD9D-070A-41C0-AB0D-F864007627F7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{5BD62EB2-0E72-460D-B89C-065E1E442E6F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{6D5F49D7-0040-417C-80B4-5AB111C7FCFE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{AD9D67A2-2FD5-437E-91A2-6CEED8DA88BE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"TCP Query User{BAE2B8B3-3B87-4629-94D7-DC17FBFF6B11}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | 
"UDP Query User{135100A3-CAA8-49D3-B901-7685408E42E0}C:\program files\nero\nero 7\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero showtime\showtime.exe | 
"UDP Query User{6E7B207F-3607-433B-B803-84C5FD397EC2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{EBEF4B1E-5A1D-4DB9-9067-AFC238F7573F}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"UDP Query User{F0119A95-F102-4205-9474-CB24B2BD5B07}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0FAAA044-04CF-4766-84A2-A6A95CE196BD}" = Samsung PC Studio 3
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5573691E-F76A-4221-92C4-8EB50EC9025C}_is1" = Flinky Zeugnis
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{81AB1374-098A-43CB-BE57-31CEB5EB1031}" = Nero 7 Essentials
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8AAEFF3D-5DB4-4208-B514-E9C223DB3E88}" = Avatar - Der Herr der Elemente
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B117809E-5680-4AD0-A632-D0FAF223ACA0}" = T-Sinus 130 DSL
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe  1.4.124.1
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued 3.4.0.466 (D)
"ALDI Fotobuch Druck Service_is1" = ALDI Fotobuch Druck Service
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service 1.10.1.67 (D)
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"Avira AntiVir Desktop" = Avira AntiVir Premium
"Denken und Rechnen 1" = Denken und Rechnen 1
"DynaGeo_is1" = DynaGeo 3.0f
"ElsterFormular 11.5.1.4843" = ElsterFormular
"ENTERPRISER" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"ExpressBurn" = Express Burn Uninstall
"ExpressRip" = Express Rip Uninstall
"FastStone Capture" = FastStone Capture 5.3
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"Free RAR Extract Frog" = Free RAR Extract Frog
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LetsTrade" = LetsTrade Komponenten
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued 6.0.2.0 (D)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 4.0 (x86 de)" = Mozilla Firefox 4.0 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
"PerfV10_V100 Ben.handbuch" = PerfV10_V100 Ben.handbuch
"RealPlayer 6.0" = RealPlayer
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SoundTap" = SoundTap
"ST4UNST #1" = GSZEUG_94_S
"ST4UNST #2" = GSZEUG_94_S (C:\Program Files\GSZEUG_94_S\)
"ST4UNST #3" = GSZEUG_94_S (C:\Program Files\GSZEUG_94_S\) #3
"Switch" = Switch Uninstall
"ToolBand.SkypeIEToolbarToolbar" = Skype add-on for IE
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"WavePad" = WavePad Uninstall
"X10Hardware" = X10 Hardware(TM)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.04.2011 19:22:53 | Computer Name = PC5 | Source = VSS | ID = 12289
Description = 
 
Error - 05.04.2011 19:23:06 | Computer Name = PC5 | Source = VSS | ID = 12289
Description = 
 
Error - 05.04.2011 19:23:17 | Computer Name = PC5 | Source = VSS | ID = 12289
Description = 
 
Error - 06.04.2011 00:22:57 | Computer Name = PC5 | Source = WerSvc | ID = 5007
Description = 
 
Error - 06.04.2011 00:35:47 | Computer Name = PC5 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 06.04.2011 03:41:26 | Computer Name = PC5 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel
 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88,  Prozess-ID 0x498, Anwendungsstartzeit
 01cbf4119a845bfe.
 
Error - 06.04.2011 04:03:49 | Computer Name = PC5 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel
 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88,  Prozess-ID 0x5cc, Anwendungsstartzeit
 01cbf42e455340a0.
 
Error - 06.04.2011 09:46:48 | Computer Name = PC5 | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe, Version 6.0.6000.16386, Zeitstempel
 0x4549adc4, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
 Ausnahmecode 0xc000071b, Fehleroffset 0x0008ac88,  Prozess-ID 0xb98, Anwendungsstartzeit
 01cbf43165adb1c0.
 
Error - 06.04.2011 13:11:31 | Computer Name = PC5 | Source = WerSvc | ID = 5007
Description = 
 
Error - 06.04.2011 13:20:03 | Computer Name = PC5 | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ OSession Events ]
Error - 12.04.2008 13:33:49 | Computer Name = PC5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18390
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 12.04.2009 19:18:06 | Computer Name = PC5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1665
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 14.06.2009 07:39:01 | Computer Name = PC5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 313
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 07.09.2009 17:45:14 | Computer Name = PC5 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3394
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 04.04.2011 17:13:41 | Computer Name = PC5 | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 04.04.2011 17:29:34 | Computer Name = PC5 | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 05.04.2011 11:52:35 | Computer Name = PC5 | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 05.04.2011 12:05:49 | Computer Name = PC5 | Source = DCOM | ID = 10010
Description = 
 
Error - 05.04.2011 12:14:19 | Computer Name = PC5 | Source = DCOM | ID = 10005
Description = 
 
Error - 05.04.2011 16:30:44 | Computer Name = PC5 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.130 für die Netzwerkkarte mit der Netzwerkadresse
 0019DBAA66D6 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 06.04.2011 00:19:21 | Computer Name = PC5 | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 06.04.2011 03:44:08 | Computer Name = PC5 | Source = Service Control Manager | ID = 7032
Description = 
 
Error - 06.04.2011 09:41:37 | Computer Name = PC5 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.130 für die Netzwerkkarte mit der Netzwerkadresse
 0019DBAA66D6 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 06.04.2011 13:07:20 | Computer Name = PC5 | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         
--- --- ---

My Mozilla Firefox is completely wrecked by now...
But MSIE (which I had actually retired) fortunately still works!
Unlike yesterday, Avira is no longer throwing constant infection alerts today.
The Google redirect isn't happening at the moment either.
Did Avira finish off the uninvited guests after all?

Thanks in advance for any further tips!

Regards,
lilafepi
