Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Virus- laut Antivir Kazi

Virus- laut Antivir Kazi


Log-Analyse und Auswertung: Virus- laut Antivir Kazi

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.04.2011, 18:41   #1
jules91
 
Virus- laut Antivir Kazi - Standard

Virus- laut Antivir Kazi


Hallo ihr, ich hab inzwischen alles gemacht. Ich hab des mit Otl gemacht.
Bei Extras.txt steht:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 4/28/2011 7:21:05 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Julia
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 73.45 Gb Free Space | 73.45% Space Free | Partition Type: NTFS
Drive D: | 188.07 Gb Total Space | 187.86 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
 
Computer Name: JULIA-PC | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2651A51A-4EA2-4DF6-9F0D-43DDA7D2D6B1}" = ebi.BookReader3J
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2B288A23-A385-BA17-E1DA-5F3E9AFA2F45}" = Internet Radio
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4FF322B3-EDF0-49B9-97D1-29FED212800F}" = InternetRadioHelper
"{54A9A9E1-8C4C-44FE-AA6B-182EA1E779FD}" = Hercules WiFi Station N
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{75E9CAA3-B336-439D-85FB-7C7B2ACA1A16}" = LivCam
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2007
"{90120000-0017-0410-0000-0000000FF1CE}_OMUI.it-it_{342281AF-B7FE-4999-BE64-29F7D6249970}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0413-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Dutch) 2007
"{90120000-0017-0413-0000-0000000FF1CE}_OMUI.nl-nl_{2E9BD56A-2290-46DA-869F-2EDCF0A24E8B}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.it-it_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.nl-nl_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.it-it_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.nl-nl_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.it-it_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.nl-nl_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.it-it_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.nl-nl_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_OMUI.it-it_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_OMUI.nl-nl_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2007
"{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0413-0000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2007
"{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2007
"{90120000-0101-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0413-0000-0000000FF1CE}" = Microsoft Office X MUI (Dutch) 2007
"{90120000-0101-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS VIBE" = ASUS VIBE
"ASUS WebStorage" = ASUS WebStorage
"AsusInternetRadio.FE3DA72B022E78FEBEB750602F72A2E5E345080B.1" = Internet Radio
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Calculator_is1" = Calculator
"Eee Docking Touch_is1" = Eee Docking Touch 3.8.1
"FotoFun_is1" = FotoFun_3.3.0.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"OMUI.it-it" = Microsoft Office Language Pack 2007 - Italian/Italiano
"OMUI.nl-nl" = Microsoft Office Language Pack 2007 - Dutch/Nederlands
"PenWrite_is1" = PenWrite v1.9.20.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Touch Gate_is1" = Touch Gate 1.0.2.2
"TouchAPUninstaller" = 2DoorWay TouchSuite
"USB2.0 UVC WebCam " = USB2.0 UVC WebCam 
"WinLiveSuite_Wave3" = Windows Live Essentials
"XSManager" = XSManager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 3/19/2011 1:28:22 PM | Computer Name = Julia-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002268b3 ID des fehlerhaften
Prozesses: 0x4f8 Startzeit der fehlerhaften Anwendung: 0x01cbe65affb12a1e Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
499f0aa7-524e-11e0-86f3-cf528d8f291e
 
Error - 3/28/2011 10:24:47 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 179c Startzeit: 01cbed53912a1dd7 Endzeit: 0 Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 3/28/2011 10:26:46 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1518 Startzeit: 01cbed53e3e0326e Endzeit: 0 Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 3/29/2011 6:16:28 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: e34 Startzeit: 01cbedf9fce19cd3 Endzeit: 62 Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 3/29/2011 6:42:04 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 15e4 Startzeit: 01cbedfdb491e20e Endzeit: 0 Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 3/29/2011 6:43:34 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 488 Startzeit: 01cbedfdf129fa14 Endzeit: 0 Anwendungspfad: C:\Program
Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 4/6/2011 3:20:32 PM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1324 Startzeit: 01cbf4871272e552 Endzeit: 47 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
Error - 4/9/2011 7:11:37 AM | Computer Name = Julia-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c44e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001d9093 ID des fehlerhaften
Prozesses: 0x108c Startzeit der fehlerhaften Anwendung: 0x01cbf6a0ee3502d4 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\System32\mshtml.dll Berichtskennung: 22ce7fb9-629a-11e0-a6a0-c00dc952d62a
 
Error - 4/9/2011 12:31:13 PM | Computer Name = Julia-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Julia\AppData\Local\Temp\RarSFX1\redist.dll".
Die
abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
 
Error - 4/10/2011 11:39:45 AM | Computer Name = Julia-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16722 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 11fc Startzeit: 01cbf7952f6bfbbf Endzeit: 62 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 
 
[ OSession Events ]
Error - 8/6/2010 10:18:34 PM | Computer Name = Julia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
 
Error - 11/8/2010 9:37:41 AM | Computer Name = Julia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 42
seconds with 0 seconds of active time. This session ended with a crash.
 
Error - 12/6/2010 8:12:29 AM | Computer Name = Julia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 46
seconds with 0 seconds of active time. This session ended with a crash.
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---

bei Otl.txt steht:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 4/28/2011 7:21:05 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Julia
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.00 Gb Total Space | 73.45 Gb Free Space | 73.45% Space Free | Partition Type: NTFS
Drive D: | 188.07 Gb Total Space | 187.86 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
 
Computer Name: JULIA-PC | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Julia\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\HerculesWiFiService.exe (Guillemot Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe ()
PRC - C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
PRC - C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek)
PRC - C:\Program Files\asus\2DoorWayTouchSuite\AsusUacSvc.exe ()
PRC - C:\Program Files\ASUS\TouchHomeKey\TouchHomeKey.exe ()
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\XSManager\WTGService.exe ()
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Julia\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (HerculesWiFi) -- C:\windows\System32\\HerculesWiFiService.exe ()
SRV - (AsusUacSvc) -- C:\Program Files\asus\2DoorWayTouchSuite\AsusUacSvc.exe ()
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WTGService) -- C:\Program Files\XSManager\WTGService.exe ()
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (usbsmi) -- C:\Windows\System32\drivers\SMIksdrv.sys (SMI)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (cmnsusbser) -- C:\Windows\System32\drivers\cmnsusbser.sys (Mobile Connector)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://web.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Eee Docking Touch] C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe ()
O4 - HKLM..\Run: [LivCam] C:\Program Files\ASUS\LivCam\LivCam.exe (ASUSTek)
O4 - HKLM..\Run: [LiveUpdate] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PenWrite] C:\Program Files\ASUS\PenWrite\PenWrite.exe ()
O4 - HKLM..\Run: [starter4g] File not found
O4 - HKLM..\Run: [SuperHybridEngine] File not found
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [TouchHomeKey] C:\Program Files\asus\TouchHomeKey\TouchHomeKey.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\windows\system32\ShellTrayDll.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2150f1d3-3fdc-11df-80cb-1c4bd6073675}\Shell - "" = AutoRun
O33 - MountPoints2\{2150f1d3-3fdc-11df-80cb-1c4bd6073675}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/04/28 19:10:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Julia\OTL.exe
[2011/04/28 17:30:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/28 17:30:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/04/28 17:30:26 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/04/28 17:20:27 | 000,000,000 | -H-D | C] -- C:\Users\Julia\AppData\Roaming\Malwarebytes
[2011/04/28 17:19:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/04/28 17:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/28 17:19:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011/04/28 17:19:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/04/28 17:19:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/28 10:49:27 | 000,000,000 | -H-D | C] -- C:\Users\Julia\AppData\Roaming\Avira
[2011/04/27 23:09:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prevhost.exe
[2011/04/27 23:09:18 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\esent.dll
[2011/04/27 23:09:18 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys
[2011/04/27 23:09:17 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsutil.exe
[2011/04/27 23:09:06 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2011/04/27 23:09:03 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/04/15 15:40:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll
[2011/04/15 15:40:25 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2011/04/15 15:40:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2011/04/15 15:40:21 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2011/04/15 15:40:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2011/04/15 15:40:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011/04/15 15:40:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011/04/15 15:40:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011/04/15 15:40:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011/04/15 15:40:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011/04/15 15:40:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011/04/15 15:40:08 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011/04/15 15:40:07 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011/04/15 15:40:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011/04/15 15:40:07 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011/04/15 15:40:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011/04/15 15:36:35 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011/04/15 15:36:33 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe
[2011/04/15 15:36:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2011/04/15 15:36:26 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2011/04/15 15:36:26 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2011/04/09 18:32:26 | 000,028,520 | -H-- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys
[2011/04/09 18:32:23 | 000,137,656 | -H-- | C] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011/04/09 18:32:23 | 000,061,960 | -H-- | C] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011/04/09 18:32:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira
[2011/04/09 18:32:21 | 000,000,000 | -H-D | C] -- C:\Program Files\Avira
[2011/04/01 15:02:43 | 000,000,000 | -H-D | C] -- C:\.jagex_cache_32
[2009/10/06 15:08:27 | 000,013,880 | -H-- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[1 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/04/28 19:26:44 | 000,000,160 | ---- | M] () -- C:\Users\Julia\.bat
[2011/04/28 19:11:52 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 19:11:52 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 19:08:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Julia\OTL.exe
[2011/04/28 19:02:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/04/28 19:02:07 | 1602,887,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/28 17:30:48 | 000,001,216 | -H-- | M] () -- C:\Users\Julia\Desktop\Spybot - Search & Destroy.lnk
[2011/04/28 17:08:51 | 000,377,260 | -H-- | M] () -- C:\Users\Julia\Desktop\Load.exe
[2011/04/28 11:13:24 | 000,000,392 | -H-- | M] () -- C:\ProgramData\28630792
[2011/04/28 11:09:04 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~28630792
[2011/04/28 11:09:02 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~28630792r
[2011/04/24 18:52:35 | 000,663,842 | -H-- | M] () -- C:\windows\System32\perfh007.dat
[2011/04/24 18:52:35 | 000,624,292 | -H-- | M] () -- C:\windows\System32\perfh009.dat
[2011/04/24 18:52:35 | 000,135,078 | -H-- | M] () -- C:\windows\System32\perfc007.dat
[2011/04/24 18:52:35 | 000,110,276 | -H-- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/18 18:11:09 | 000,333,384 | -H-- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/15 17:33:01 | 000,000,034 | -H-- | M] () -- C:\Users\Julia\jagex_runescape_preferences.dat
[2011/04/15 17:33:00 | 000,000,129 | -H-- | M] () -- C:\Users\Julia\jagex_runescape_preferences2.dat
[2011/04/05 20:53:23 | 000,099,458 | -H-- | M] () -- C:\Users\Julia\Documents\Imma.pdf
[1 C:\Users\Julia\Documents\*.tmp files -> C:\Users\Julia\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/04/28 17:30:48 | 000,001,216 | -H-- | C] () -- C:\Users\Julia\Desktop\Spybot - Search & Destroy.lnk
[2011/04/28 17:08:49 | 000,377,260 | -H-- | C] () -- C:\Users\Julia\Desktop\Load.exe
[2011/04/28 11:09:02 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~28630792
[2011/04/28 11:09:02 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~28630792r
[2011/04/28 11:08:18 | 000,000,392 | -H-- | C] () -- C:\ProgramData\28630792
[2011/04/05 20:53:23 | 000,099,458 | -H-- | C] () -- C:\Users\Julia\Documents\Imma.pdf
[2011/04/01 15:04:09 | 000,000,129 | -H-- | C] () -- C:\Users\Julia\jagex_runescape_preferences2.dat
[2011/04/01 15:02:50 | 000,000,034 | -H-- | C] () -- C:\Users\Julia\jagex_runescape_preferences.dat
[2011/02/10 02:41:01 | 000,007,607 | -H-- | C] () -- C:\Users\Julia\AppData\Local\Resmon.ResmonCfg
[2011/01/18 20:27:31 | 000,001,940 | -H-- | C] () -- C:\Users\Julia\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/06/17 23:57:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/16 03:58:43 | 000,131,368 | -H-- | C] () -- C:\ProgramData\FullRemove.exe
[2010/01/16 03:53:46 | 000,011,448 | -H-- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2010/01/16 03:53:39 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2010/01/16 03:26:49 | 000,013,931 | -H-- | C] () -- C:\windows\System32\RaCoInst.dat
[2009/12/31 05:48:36 | 000,163,840 | -H-- | C] () -- C:\windows\System32\SM37XCoInst.dll
[2009/10/26 05:38:22 | 000,000,176 | ---- | C] () -- C:\windows\explorer.exe.config
[2009/07/27 00:01:28 | 000,663,842 | -H-- | C] () -- C:\windows\System32\perfh007.dat
[2009/07/27 00:01:28 | 000,295,922 | -H-- | C] () -- C:\windows\System32\perfi007.dat
[2009/07/27 00:01:28 | 000,135,078 | -H-- | C] () -- C:\windows\System32\perfc007.dat
[2009/07/27 00:01:28 | 000,038,104 | -H-- | C] () -- C:\windows\System32\perfd007.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,333,384 | -H-- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,624,292 | -H-- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | -H-- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,110,276 | -H-- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | -H-- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | -H-- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | -H-- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2010/04/05 00:31:12 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Asus
[2010/01/16 04:03:46 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ASUS WebStorage
[2011/04/27 23:23:56 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ICQ
[2010/04/04 21:58:57 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\TouchGate2Doorway
[2010/06/19 18:38:02 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\XSManager
[2011/04/01 20:18:59 | 000,032,640 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
--- --- ---

und des mit der anti malware hab ich auch gemacht

da steht:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6465

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.04.2011 18:55:35
mbam-log-2011-04-28 (18-55-35).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144571
Laufzeit: 5 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 1
Infizierte Dateien: 6

Infizierte Speicherprozesse:
c:\programdata\ltubjrjrdevvad.exe (Trojan.FakeAlert) -> 3556 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LtuBJrJRDEvvaD (Trojan.FakeAlert) -> Value: LtuBJrJRDEvvaD -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Users\Julia\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery (Trojan.FakeAV) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\ltubjrjrdevvad.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Julia\AppData\Local\Temp\Low\adobe_flash_player.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Julia\AppData\Local\Temp\Low\tmp1D02.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Julia\Desktop\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Julia\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\uninstall windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\Julia\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.


ich hoffe des hilft, damit ihr mir helfen könnt.
es ist übrigens windows 7

danke schon mal
lg julia

 

Themen zu Virus- laut Antivir Kazi
32 bit, adobe, antivir, avg, avgntflt.sys, avira, bho, calculator, defender, desktop, disabletaskmgr, error, excel, extras.txt, flash player, format, home, host.exe, iexplore.exe, install.exe, installation, location, logfile, microsoft office word, nicht gefunden, office 2007, oldtimer, otl.txt, plug-in, programm, realtek, registry, rundll, safer networking, saver, scan, sched.exe, security, security update, server, shell32.dll, software, start menu, super, usb, webcheck, windows


« BKA-Trojaner: MBAM-Log | Virus.Ramnit auf USB-Stick gefunden - was ist das und was ist zu tun? »


Ähnliche Themen: Virus- laut Antivir Kazi


  1. Laut Adw-Cleaner Virus in Chrome und kann ihn nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 27.04.2015 (14)
  2. Virus laut Emsisoft und Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 31.08.2014 (5)
  3. Windows7: wincpu.exe laut AntiVir ein BitCoinMiner. Entfernte Datei ist nach Systemneustart wieder da.
    Log-Analyse und Auswertung - 03.07.2014 (25)
  4. Laut Meldung vom Virusprogramm habe ich den BOO/TDss.O' Virus
    Plagegeister aller Art und deren Bekämpfung - 12.01.2014 (24)
  5. Script.virus Bedrohung am Imac laut Dr. Web - gefährlich?
    Alles rund um Mac OSX & Linux - 10.12.2013 (3)
  6. Bundespolizei Virus eingefangen seitdem Pc laut
    Log-Analyse und Auswertung - 13.06.2013 (23)
  7. Trojaner TR/Injection.aqu laut Antivir‏ eingefangen durch zip Datei einer angeblichen Mahnung von Amazon
    Plagegeister aller Art und deren Bekämpfung - 19.03.2013 (24)
  8. Virus in JPG? Trojan.W32.jpgifram (v) laut AdAware
    Plagegeister aller Art und deren Bekämpfung - 08.03.2012 (1)
  9. Lüfter sehr laut, Laut Highjackthis-Analyse Schadsoftware auf Laptop
    Log-Analyse und Auswertung - 05.12.2011 (10)
  10. Zeus Virus laut web.de
    Plagegeister aller Art und deren Bekämpfung - 25.11.2011 (24)
  11. Windows Recovery? TR/Kazy.mekml.1 eingefangen laut AntiVir!
    Log-Analyse und Auswertung - 30.04.2011 (6)
  12. Trojaner TR/kazy.mekml.1 (laut AntiVir) ?
    Log-Analyse und Auswertung - 21.04.2011 (20)
  13. Zeus Virus laut web.de abuse
    Plagegeister aller Art und deren Bekämpfung - 08.01.2011 (4)
  14. Windows Recovery auf C:\ nach Befall von JAVA Agent.M.1 (laut Antivir). Reicht das?
    Plagegeister aller Art und deren Bekämpfung - 03.09.2010 (6)
  15. laut Virustotal mehrere Viren nur Antivir findet nichts ?!
    Log-Analyse und Auswertung - 13.05.2007 (2)
  16. Trojaner laut AntiVir/Bitte Hijacker Logs überprüfen, danke!!!
    Log-Analyse und Auswertung - 29.04.2007 (8)
  17. Problem: TR/FakeAlert.CY laut AntiVir
    Plagegeister aller Art und deren Bekämpfung - 09.08.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Virus- laut Antivir Kazi - Hallo ihr, ich hab inzwischen alles gemacht. Ich hab des mit Otl gemacht. Bei Extras.txt steht:OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL Extras logfile created on: 4/28/2011 7:21:05 PM - Virus- laut Antivir Kazi...
Archiv
Du betrachtest: Virus- laut Antivir Kazi auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131