Trojaner-Board - Firefox öffnet automatisch Werbetabs

Hallo Arne,

vielen Dank für die Rückmeldung. Ich habe in der Zwischenzeit (vielleicht?) den Grund für meine Probleme identifizieren können: das MS Tool zur Entfernung von Malware hat mir einen "win32/alureon.h" ausgegeben und entfernt(?). Seither funktioniert Firefox wieder anständig und auch Chrome lässt sich anwenden. Ich frage mich nur, warum weder Antivir noch irgendein anderes Programm diesen Virus (?) gefunden hat...

Gruß und Dank
Tom

Hier mein OTL Log

Code:

OTL logfile created on: 28.05.2010 09:24:31 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\***\Desktop

 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free

4,00 Gb Paging File | 2,00 Gb Available in Paging File | 64,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,90 Gb Total Space | 7,75 Gb Free Space | 9,70% Space Free | Partition Type: NTFS

Drive D: | 146,72 Gb Total Space | 43,57 Gb Free Space | 29,70% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: ***

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)

PRC - C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Lenovo\Access Connections\AcSvc.exe (Lenovo)

PRC - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)

PRC - C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)

PRC - C:\Windows\System32\DTS.exe ()

PRC - C:\Windows\System32\AtService.exe (AuthenTec, Inc.)

PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)

PRC - C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

PRC - C:\Windows\System32\TpShocks.exe (Lenovo.)

PRC - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)

PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)

PRC - C:\Windows\System32\ibmpmsvc.exe (Lenovo.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

PRC - C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)

PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)

PRC - C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)

PRC - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

PRC - C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )

PRC - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)

PRC - C:\Program Files\DesktopEarth\DesktopEarth.exe (CodeFromThe70s.org)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (LENOVO.CAMMUTE) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)

SRV - (LENOVO.TPKNRSVC) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited)

SRV - (DozeSvc) -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE (Lenovo.)

SRV - (AcSvc) -- C:\Program Files\Lenovo\Access Connections\AcSvc.exe (Lenovo)

SRV - (AcPrfMgrSvc) -- C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (dtsvc) -- C:\Windows\System32\DTS.exe ()

SRV - (ADMonitor) -- C:\Windows\System32\ADMonitor.exe ()

SRV - (ATService) -- C:\Windows\System32\AtService.exe (AuthenTec, Inc.)

SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)

SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)

SRV - (TPHKSVC) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)

SRV - (dsNcService) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)

SRV - (IBMPMSVC) -- C:\Windows\System32\ibmpmsvc.exe (Lenovo.)

SRV - (LENOVO.MICMUTE) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)

SRV - (SUService) -- C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited)

SRV - (TPHDEXLGSVC) -- C:\Windows\System32\TPHDEXLG.exe (Lenovo.)

SRV - (LMS) Intel(R) -- C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation)

SRV - (UNS) Intel(R) -- C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (vdrvroot) -- C:\Windows\SYSTEM32\DRIVERS\VDRVROOT.SYS (Microsoft Corporation)

DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)

DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)

DRV - (hotcore3) -- C:\Windows\system32\DRIVERS\hotcore3.sys (Paragon Software Group)

DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)

DRV - (DozeHDD) -- C:\Windows\System32\DRIVERS\DozeHDD.sys (Lenovo.)

DRV - (TPPWRIF) -- C:\Windows\System32\drivers\TPPWR32V.SYS (Lenovo Group Limited)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)

DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (dsNcAdpt) -- C:\Windows\System32\drivers\dsNcAdpt.sys (Juniper Networks)

DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.)

DRV - (IBMPMDRV) -- C:\Windows\System32\drivers\ibmpmdrv.sys (Lenovo.)

DRV - (Shockprf) -- C:\Windows\System32\DRIVERS\Apsx86.sys (Lenovo.)

DRV - (TPDIGIMN) -- C:\Windows\System32\DRIVERS\ApsHM86.sys (Lenovo.)

DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (SrvHsfV92) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)

DRV - (SrvHsfWinac) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)

DRV - (SrvHsfHDA) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)

DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)

DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)

DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)

DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.)

DRV - (e1yexpress) Intel(R) -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)

DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.19 12:22:49 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.19 12:22:48 | 000,000,000 | ---D | M]

 

[2010.05.19 12:22:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010.04.28 15:19:14 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2010.04.28 15:32:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.04.28 15:32:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2010.05.27 18:20:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe ()

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)

O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (AuthenTec)

O4 - HKLM..\Run: [FingerPrintSoftwareSplashScreen] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe (AuthenTec, Inc.)

O4 - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe File not found

O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)

O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()

O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)

O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1

O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.05.27 20:53:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe

[2010.05.27 20:53:12 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe

[2010.05.27 20:52:53 | 000,000,000 | R--D | C] -- C:\Users\***\Searches

[2010.05.27 20:52:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities

[2010.05.27 20:52:38 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts

[2010.05.27 20:52:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten

[2010.05.27 20:52:28 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten

[2010.05.27 20:52:27 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Videos

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Music

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Links

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Documents

[2010.05.27 20:52:27 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop

[2010.05.27 20:52:27 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData

[2010.05.27 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp

[2010.05.27 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Help

[2010.05.27 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft

[2010.05.27 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs

[2010.05.27 16:34:03 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2010.05.27 16:29:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010.05.27 16:27:27 | 000,000,000 | ---D | C] -- C:\Device

[2010.05.27 16:18:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010.05.27 16:18:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010.05.27 16:18:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010.05.27 16:18:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010.05.27 16:18:01 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010.05.27 16:17:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010.05.27 15:04:13 | 000,248,448 | ---- | C] (Intel Corporation) -- C:\Windows\System32\PROUnstl.exe

[2010.05.27 15:00:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010.05.27 14:52:07 | 000,032,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VDRVROOT.SYS

[2010.05.27 14:46:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore

[2010.05.26 16:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Convoy 2009

[2010.05.26 15:39:39 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2010.05.24 13:19:08 | 000,000,000 | ---D | C] -- C:\Navilog1

[2010.05.24 13:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\navilog1

[2010.05.24 13:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis

[2010.05.24 13:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro

[2010.05.24 13:03:48 | 000,000,000 | ---D | C] -- C:\rsit

[2010.05.24 12:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010.05.20 23:23:19 | 000,000,000 | ---D | C] -- C:\archive_db

[2010.05.20 20:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Paragon

[2010.05.20 19:04:36 | 000,040,560 | ---- | C] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys

[2010.05.20 19:04:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE

[2010.05.20 19:03:53 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software

[2010.05.19 20:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion

[2010.05.19 20:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared

[2010.05.19 20:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Research In Motion

[2010.05.19 20:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion

[2010.05.14 19:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spiele

[2010.05.13 22:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010.05.13 18:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010.05.13 18:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2010.05.13 18:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2010.05.13 18:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2010.05.13 18:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2010.05.07 00:05:33 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010.05.06 22:14:04 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010.05.05 10:29:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2010.05.05 09:33:50 | 000,000,000 | ---D | C] -- C:\Program Files\GanttProject

[2010.05.04 18:53:36 | 001,347,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll

[2010.05.04 18:53:36 | 000,504,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSXML.DLL

[2010.05.04 18:53:36 | 000,356,352 | ---- | C] (VideoSoft) -- C:\Windows\System32\Vsflex6.ocx

[2010.05.04 18:53:36 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTKPRP.DLL

[2010.05.04 18:53:36 | 000,045,056 | ---- | C] (microTOOL GmbH) -- C:\Windows\System32\native_w32.dll

[2010.05.04 18:50:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\microTOOL

[2010.05.04 18:50:39 | 003,541,464 | ---- | C] (Two Pilots) -- C:\Windows\System32\PDFCreatorPilot.dll

[2010.05.04 18:50:39 | 000,338,104 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.TaskPanel.v10.2.ocx

[2010.05.02 18:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2010.05.02 18:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy

[2010.05.02 13:24:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2010.05.02 10:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2010.05.02 01:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip

[2010.05.02 01:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip

[2010.05.02 01:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark

[2010.05.02 01:07:31 | 000,398,632 | ---- | C] (Juniper Networks) -- C:\Windows\System32\dsNcSmartCardProv.dll

[2010.05.02 01:07:31 | 000,345,384 | ---- | C] (Juniper Networks) -- C:\Windows\System32\dsNcCredProv.dll

[2010.05.02 01:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Juniper Networks

[2010.05.02 00:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\DesktopEarth

[2010.05.02 00:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared

[2010.05.02 00:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010.05.02 00:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010.05.01 23:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2010.05.01 23:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio

[2010.05.01 23:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2010.05.01 23:50:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2010.05.01 23:47:16 | 000,000,000 | R--D | C] -- C:\MSOCache

[2010.05.01 19:11:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinISO

[2010.04.30 22:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games

[2010.04.30 22:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Valve

[2010.04.30 16:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2010.04.29 17:44:36 | 000,029,272 | R--- | C] (Adobe Systems Incorporated.) -- C:\Windows\System32\AdobePDF.dll

[2010.04.29 12:32:32 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll

[2010.04.29 12:32:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll

[2010.04.29 12:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\TeXnicCenter

[2010.04.29 12:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX

[2010.04.29 12:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\MiKTeX 2.8

[2010.04.29 00:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\xerox

[2010.04.28 23:57:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2010.04.28 23:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2010.04.28 18:56:25 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe

[2010.04.28 18:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2010.04.28 18:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared

[2010.04.28 18:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2010.04.28 18:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2010.04.28 18:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2010.04.28 17:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedProject

[2010.04.28 17:06:41 | 000,232,448 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll

[2010.04.28 17:06:40 | 000,301,568 | ---- | C] (Sonix) -- C:\Windows\System32\vsnp2uvc.dll

[2010.04.28 17:06:40 | 000,196,608 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll

[2010.04.28 17:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SNP2UVC

[2010.04.28 17:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\ThinkVantage

[2010.04.28 17:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Lenovo

[2010.04.28 17:05:15 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations

[2010.04.28 17:02:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll

[2010.04.28 17:02:21 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll

[2010.04.28 17:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect

[2010.04.28 17:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine

[2010.04.28 17:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp

[2010.04.28 16:47:23 | 000,013,480 | ---- | C] (Lenovo Group Limited) -- C:\Windows\System32\drivers\smiif32.sys

[2010.04.28 16:46:14 | 000,394,600 | ---- | C] (Lenovo Group Limited) -- C:\Windows\PWMBTHLV.EXE

[2010.04.28 16:46:12 | 000,677,224 | ---- | C] (Lenovo Group Limited) -- C:\Windows\System32\PWMCP32V.cpl

[2010.04.28 16:46:12 | 000,024,304 | ---- | C] (Lenovo.) -- C:\Windows\System32\drivers\DOZEHDD.SYS

[2010.04.28 16:46:12 | 000,011,552 | ---- | C] (Lenovo Group Limited) -- C:\Windows\System32\drivers\TPPWR32V.SYS

[2010.04.28 16:45:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2010.04.28 16:45:20 | 000,038,248 | ---- | C] (Lenovo.) -- C:\Windows\System32\ibmpmsvc.exe

[2010.04.28 16:45:20 | 000,035,176 | ---- | C] (Lenovo.) -- C:\Windows\System32\tpinspm.dll

[2010.04.28 16:45:20 | 000,026,608 | ---- | C] (Lenovo.) -- C:\Windows\System32\drivers\ibmpmdrv.sys

[2010.04.28 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2010.04.28 16:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent

[2010.04.28 16:44:19 | 001,006,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\mesoludlg.exe

[2010.04.28 16:44:03 | 000,330,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys

[2010.04.28 16:42:38 | 000,262,144 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\UCI32A42.dll

[2010.04.28 16:42:37 | 001,729,024 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\System32\CX32TP17.dll

[2010.04.28 16:42:37 | 000,460,800 | ---- | C] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDRT32.sys

[2010.04.28 16:42:25 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2010.04.28 16:42:05 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010.04.28 16:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Line Detect

[2010.04.28 16:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\NetWaiting

[2010.04.28 16:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT

[2010.04.28 16:40:08 | 000,410,624 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\XAudio32.dll

[2010.04.28 16:40:08 | 000,258,048 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\UCI32M41.dll

[2010.04.28 16:40:08 | 000,008,704 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio32.sys

[2010.04.28 16:40:07 | 000,981,504 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys

[2010.04.28 16:40:07 | 000,661,504 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys

[2010.04.28 16:40:07 | 000,207,360 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys

[2010.04.28 16:40:07 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll

[2010.04.28 16:39:46 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll

[2010.04.28 16:39:46 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll

[2010.04.28 16:39:46 | 000,048,128 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys

[2010.04.28 16:39:46 | 000,044,544 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys

[2010.04.28 16:39:46 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys

[2010.04.28 16:39:45 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2010.04.28 16:39:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang

[2010.04.28 16:39:25 | 000,989,720 | ---- | C] (Intel Corporation) -- C:\Windows\System32\heciudlg.exe

[2010.04.28 16:39:24 | 000,000,000 | ---D | C] -- C:\Intel

[2010.04.28 16:39:23 | 000,040,832 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys

[2010.04.28 16:39:07 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll

[2010.04.28 16:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\ThinkPad

[2010.04.28 16:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco

[2010.04.28 16:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2010.04.28 16:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2010.04.28 16:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel

[2010.04.28 16:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo

[2010.04.28 16:15:25 | 000,000,000 | ---D | C] -- C:\AuthLog

[2010.04.28 16:14:57 | 000,031,680 | ---- | C] (Lenovo (United States) Inc.) -- C:\Windows\System32\drivers\psadd.sys

[2010.04.28 16:14:52 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX

[2010.04.28 16:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo Fingerprint Software

[2010.04.28 15:47:08 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2010.04.28 15:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2010.04.28 15:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2010.04.28 15:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2010.04.28 15:40:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2010.04.28 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\VoipStunt

[2010.04.28 15:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2010.04.28 15:32:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010.04.28 15:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2010.04.28 15:32:27 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2010.04.28 15:32:27 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010.04.28 15:32:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010.04.28 15:32:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010.04.28 15:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2010.04.28 15:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite

[2010.04.28 15:22:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\wocaffe

[2010.04.28 15:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite

[2010.04.28 15:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations

[2010.04.28 15:20:04 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2010.04.28 15:20:00 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2010.04.28 15:19:58 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010.04.28 15:19:57 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010.04.28 15:19:57 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010.04.28 15:19:55 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll

[2010.04.28 15:19:54 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys

[2010.04.28 15:19:52 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll

[2010.04.28 15:19:51 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2010.04.28 15:19:51 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe

[2010.04.28 15:19:51 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe

[2010.04.28 15:19:49 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2010.04.28 15:19:46 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll

[2010.04.28 15:19:46 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2010.04.28 15:19:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll

[2010.04.28 15:19:46 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2010.04.28 15:19:45 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2010.04.28 15:19:45 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2010.04.28 15:19:45 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2010.04.28 15:19:45 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2010.04.28 15:19:45 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

[2010.04.28 15:19:45 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2010.04.28 15:19:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2010.04.28 15:19:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2010.04.28 15:19:44 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010.04.28 15:19:44 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010.04.28 15:19:44 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll

[2010.04.28 15:19:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2010.04.28 15:19:43 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010.04.28 15:19:42 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2010.04.28 15:19:42 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll

[2010.04.28 15:19:42 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2010.04.28 15:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2010.04.28 15:19:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2010.04.28 15:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2010.04.28 15:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010.04.28 15:09:09 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2010.04.28 15:08:50 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys

[2010.04.28 15:08:50 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2010.04.28 15:08:50 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys

[2010.04.28 15:08:50 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys

[2010.04.28 15:08:50 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys

[2010.04.28 15:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira

[2010.04.28 15:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

[2010.04.28 15:06:40 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2010.04.28 15:05:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Programme

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente

[2010.04.28 14:58:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten

[2010.04.28 14:58:34 | 000,000,000 | ---D | C] -- C:\Recovery

[2010.04.28 14:51:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010.04.28 14:48:34 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2010.04.28 14:48:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2010.04.28 11:48:24 | 000,159,744 | ---- | C] (Lexmark International) -- C:\Windows\System32\lexlog.dlL

[2010.04.28 11:48:21 | 000,110,592 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\LEXDRVX.DLL

[2010.04.28 11:48:21 | 000,098,304 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\LEXCFI.DLL

[2010.04.28 11:48:17 | 000,041,984 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\System32\DRVNPANT.DLL

[2010.02.20 15:35:06 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.05.28 09:24:04 | 000,786,432 | -HS- | M] () -- C:\Users\***\NTUSER.DAT

[2010.05.28 09:19:05 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010.05.28 09:19:05 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010.05.28 09:17:48 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.05.28 09:17:48 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2010.05.28 09:17:48 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.05.28 09:17:48 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2010.05.28 09:17:48 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.05.28 09:11:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.05.28 09:11:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.05.28 09:11:28 | 1528,844,288 | -HS- | M] () -- C:\hiberfil.sys

[2010.05.27 20:55:42 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010.05.27 20:55:42 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010.05.27 20:55:42 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010.05.27 20:55:38 | 000,780,440 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db

[2010.05.27 20:53:31 | 000,002,593 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk

[2010.05.27 20:53:05 | 000,109,680 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.05.27 20:52:28 | 000,000,020 | -HS- | M] () -- C:\Users\***\ntuser.ini

[2010.05.27 18:20:44 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010.05.27 16:29:23 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini

[2010.05.27 14:52:07 | 000,032,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\VDRVROOT.SYS

[2010.05.19 21:21:59 | 000,000,256 | ---- | M] () -- C:\Windows\System32\pool.bin

[2010.05.04 12:31:55 | 000,008,487 | ---- | M] () -- C:\WirelessDiagLog.csv

[2010.05.02 21:20:30 | 000,000,824 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100503-151816.backup

[2010.05.02 01:27:19 | 000,000,067 | ---- | M] () -- C:\Windows\System32\Monitor.inf

[2010.05.02 01:27:17 | 000,008,521 | ---- | M] () -- C:\Windows\lmpcl2a.ini

[2010.05.01 23:59:33 | 000,410,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010.05.01 23:48:52 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini

[2010.05.01 20:41:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010.05.01 20:41:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.05.01 13:56:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010.04.28 16:45:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2010.04.28 16:41:35 | 000,001,867 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk

[2010.04.28 15:32:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2010.04.28 15:32:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010.04.28 15:32:18 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010.04.28 15:32:18 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010.04.28 15:22:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf

[2010.04.28 15:20:13 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

[2010.04.28 14:52:02 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf

 
 ========== Files Created - No Company Name ==========

 

[2010.05.27 20:52:28 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010.05.27 20:52:28 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010.05.27 20:52:28 | 000,262,144 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG1

[2010.05.27 20:52:28 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010.05.27 20:52:28 | 000,000,020 | -HS- | C] () -- C:\Users\***\ntuser.ini

[2010.05.27 20:52:28 | 000,000,000 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG2

[2010.05.27 20:52:27 | 000,786,432 | -HS- | C] () -- C:\Users\***\NTUSER.DAT

[2010.05.27 16:18:46 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010.05.27 16:18:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010.05.27 16:18:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010.05.27 16:18:46 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010.05.27 16:18:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010.05.26 15:44:44 | 000,002,593 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopEarth AutoStart.lnk

[2010.05.26 15:44:44 | 000,001,867 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk

[2010.05.19 20:53:35 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin

[2010.05.02 01:27:19 | 000,000,067 | ---- | C] () -- C:\Windows\System32\Monitor.inf

[2010.05.02 01:27:17 | 000,008,521 | ---- | C] () -- C:\Windows\lmpcl2a.ini

[2010.05.01 20:41:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2010.05.01 20:41:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2010.05.01 13:56:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010.04.28 17:24:59 | 000,008,487 | ---- | C] () -- C:\WirelessDiagLog.csv

[2010.04.28 17:06:40 | 003,486,208 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys

[2010.04.28 17:06:40 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys

[2010.04.28 17:06:40 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

[2010.04.28 17:06:40 | 000,013,021 | ---- | C] () -- C:\Windows\snp2uvc.src

[2010.04.28 16:45:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2010.04.28 16:40:07 | 000,146,036 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty

[2010.04.28 15:22:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf

[2010.04.28 15:20:13 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010.04.28 14:48:15 | 1528,844,288 | -HS- | C] () -- C:\hiberfil.sys

[2010.04.28 11:48:22 | 000,175,534 | ---- | C] () -- C:\Windows\System32\LMPCLHOW.HLP

[2010.04.28 11:48:21 | 000,076,086 | ---- | C] () -- C:\Windows\System32\LEXMV95.HLP

[2010.02.20 15:27:38 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll

[2010.02.20 15:27:38 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll

[2009.12.02 19:39:02 | 020,317,504 | ---- | C] () -- C:\Windows\System32\TrueSuiteCoInst02020000.dll

[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

< End of report >

und das Extra:

Code:

OTL Extras logfile created on: 28.05.2010 09:24:31 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\***\Desktop

 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free

4,00 Gb Paging File | 2,00 Gb Available in Paging File | 64,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,90 Gb Total Space | 7,75 Gb Free Space | 9,70% Space Free | Partition Type: NTFS

Drive D: | 146,72 Gb Total Space | 43,57 Gb Free Space | 29,70% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: ***

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6

"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2D440AF4-7330-43F0-A085-35DE1A90E703}" = Lenovo Fingerprint Software

"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.64.02

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility

"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars

"{AB562530-921D-11DE-A208-005056C00008}" = Paragon Backup & Recovery™ 10.2 Free Edition

"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch

"{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}" = Intel(R) PROSet/Wireless WiFi-Software

"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5

"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager

"{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}" = DesktopEarth

"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"0481B164C8D1D26C560D6A5E717C5920D4362D60" = Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (01/14/2010 8.6.0.13)

"0D531DBBCCFED6ED4D4C297EE922CEF5D0A99DEE" = Windows-Treiberpaket - Intel (NETw5v32) net  (01/13/2010 13.1.1.1)

"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.3 Professional

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant 20561 SmartAudio HD

"CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter

"DivX Setup.divx.com" = DivX-Setup

"ENTERPRISE" = Microsoft Office Enterprise 2007

"GanttProject" = GanttProject

"HECI" = Intel(R) Management Engine Interface

"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0

"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control

"LENOVO.SMIIF" = Lenovo System Interface Driver

"Lexmark Printer Software Uninstall" = Lexmark Drucker-Software deinstallieren

"MESOL" = Intel® Active-Management-Technologie

"MiKTeX 2.8" = MiKTeX 2.8

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"OnScreenDisplay" = Anzeige am Bildschirm

"Power Management Driver" = ThinkPad Power Management Driver

"ProInst" = Intel PROSet Wireless

"PROSet" = Intel(R) Network Connections Drivers

"SynTPDeinstKey" = ThinkPad UltraNav Driver

"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1

"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier

"VLC media player" = VLC media player 1.0.5

"VoipStunt_is1" = VoipStunt

"Winamp" = Winamp

"WinISO_is1" = WinISO 5.3

"WinLiveSuite_Wave3" = Windows Live Essentials

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 26.05.2010 10:54:12 | Computer Name = *** | Source = VSS | ID = 8193

Description = 

 

Error - 26.05.2010 10:59:42 | Computer Name = *** | Source = VSS | ID = 8193

Description = 

 

Error - 26.05.2010 11:03:38 | Computer Name = *** | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: tvsu.exe, Version: 4.0.0.1, Zeitstempel:

 0x4adc2eb3  Name des fehlerhaften Moduls: tvsutil.dll, Version: 0.0.0.0, Zeitstempel:

 0x4adc2eb7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002683  ID des fehlerhaften Prozesses:

 0xf84  Startzeit der fehlerhaften Anwendung: 0x01cafce4986715d5  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Lenovo\System Update\tvsu.exe  Pfad des fehlerhaften 

Moduls: C:\Program Files\Lenovo\System Update\tvsutil.dll  Berichtskennung: dcf9ddc1-68d7-11df-9f65-00247e6a20a7

 

Error - 27.05.2010 08:43:04 | Computer Name = *** | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: tvsu.exe, Version: 4.0.0.1, Zeitstempel:

 0x4adc2eb3  Name des fehlerhaften Moduls: tvsutil.dll, Version: 0.0.0.0, Zeitstempel:

 0x4adc2eb7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002683  ID des fehlerhaften Prozesses:

 0x13dc  Startzeit der fehlerhaften Anwendung: 0x01cafd9a2543ebfe  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Lenovo\System Update\tvsu.exe  Pfad des fehlerhaften 

Moduls: C:\Program Files\Lenovo\System Update\tvsutil.dll  Berichtskennung: 63f18b7c-698d-11df-9618-00247e6a20a7

 

Error - 27.05.2010 10:20:24 | Computer Name = *** | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: PEV.cfxxe, Version: 0.0.0.0, Zeitstempel:

 0x4bd0e994  Name des fehlerhaften Moduls: PEV.cfxxe, Version: 0.0.0.0, Zeitstempel:

 0x4bd0e994  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00082899  ID des fehlerhaften Prozesses:

 0x55c  Startzeit der fehlerhaften Anwendung: 0x01cafda7bd84ac73  Pfad der fehlerhaften

 Anwendung: C:\ComboFix\PEV.cfxxe  Pfad des fehlerhaften Moduls: C:\ComboFix\PEV.cfxxe

Berichtskennung:

 fccaa402-699a-11df-9f04-00247e6a20a7

 

Error - 27.05.2010 14:46:04 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts

 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary

 SASDIFSV.  System Error: Das System kann die angegebene Datei nicht finden.  .

 

Error - 27.05.2010 14:46:04 | Computer Name = *** | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts

 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary

 SASKUTIL.  System Error: Das System kann die angegebene Datei nicht finden.  .

 

Error - 27.05.2010 14:48:59 | Computer Name = *** | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: AtService.exe, Version: 3.3.2.27,

 Zeitstempel: 0x4b6c027f  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,

 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften

 Prozesses: 0x39c  Startzeit der fehlerhaften Anwendung: 0x01cafda8d7e29545  Pfad der

 fehlerhaften Anwendung: C:\Windows\system32\AtService.exe  Pfad des fehlerhaften 

Moduls: unknown  Berichtskennung: 822bef54-69c0-11df-89dd-00247e6a20a7

 

Error - 27.05.2010 14:52:40 | Computer Name = *** | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bccb3  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,

 Zeitstempel: 0x4a5bdaae  Ausnahmecode: 0x0000046b  Fehleroffset: 0x00009617  ID des fehlerhaften

 Prozesses: 0xe00  Startzeit der fehlerhaften Anwendung: 0x01cafdcdb48a36b5  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe  Pfad 

des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 061c938e-69c1-11df-9982-00247e6a20a7

 

Error - 27.05.2010 15:17:51 | Computer Name = *** | Source = SideBySide | ID = 16842811

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Lenovo\Access

 Connections\AcCryptHlpr.dll". Fehler in Manifest- oder Richtliniendatei "C:\Program

 Files\Lenovo\Access Connections\AcCryptHlpr.dll" in Zeile 0.  Ungültige XML-Syntax.

 

[ System Events ]

Error - 27.05.2010 10:19:52 | Computer Name = *** | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 27.05.2010 10:26:52 | Computer Name = *** | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 27.05.2010 10:26:59 | Computer Name = *** | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 27.05.2010 10:28:15 | Computer Name = *** | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am ?27.?05.?2010 um 16:27:18 unerwartet heruntergefahren.

 

Error - 27.05.2010 11:02:15 | Computer Name = *** | Source = BROWSER | ID = 8032

Description = 

 

Error - 27.05.2010 14:49:02 | Computer Name = *** | Source = Service Control Manager | ID = 7034

Description = Dienst "AuthenTec Fingerprint Service" wurde unerwartet beendet. Dies

 ist bereits 1 Mal passiert.

 

Error - 27.05.2010 14:49:04 | Computer Name = *** | Source = Service Control Manager | ID = 7016

Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 

Status gemeldet: 0

 

Error - 27.05.2010 14:52:48 | Computer Name = *** | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet

 beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden

 in 30000 Millisekunden durchgeführt: Neustart des Diensts.

 

Error - 27.05.2010 17:58:47 | Computer Name = *** | Source = Service Control Manager | ID = 7016

Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 

Status gemeldet: 0

 

Error - 28.05.2010 03:11:49 | Computer Name = *** | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Server" wurde mit folgendem Fehler beendet:   %%14

 

 

< End of report >