| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows detected a hard disk problemWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.03.2012, 16:24
| #1 |
| |  Windows detected a hard disk problem Hallo Zusammen, folgende Fehlermedlung trat an meinem Rechner auf: Windows detected a hard disk problem Der PC ist automatisch runtergefahren, die Fehlermeldung konnte ich mit Malwarebytes beseitigen. Jetzt startet der Rechner zumindest wieder und fährt nicht mehr automatisch runter. Jedoch ist mein Startmenü leer und z.b. der programm ordner inhalt ist versteckt. Anbei meine zwei logfiles erstellt mit OLT. ich hoffe ihr könnt mir helfen. vielen dank Code:
ATTFilter OTL logfile created on: 16.03.2012 16:08:44 - Run 1 OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\Administrator\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 57,59% Memory free 6,49 Gb Paging File | 4,38 Gb Available in Paging File | 67,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297,88 Gb Total Space | 190,25 Gb Free Space | 63,87% Space Free | Partition Type: NTFS Drive I: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS Drive Y: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS Drive Z: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS Computer Name: WIN7-PREISNER | User Name: bpreisne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Administrator\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\bpreisne\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\DYMO\DYMO Label Software\DymoPnpService.exe (Sanford, L.P.) PRC - C:\Programme\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Trend Micro\OfficeScan Client\PccNTMon.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\OfficeScan Client\TmListen.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\OfficeScan Client\NTRtScan.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\OfficeScan Client\TmPfw.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Trend Micro Inc.) PRC - C:\Programme\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.) PRC - C:\Windows\System32\rserver30\FamItrfc.Exe (Famatech Corp.) PRC - C:\Windows\System32\rserver30\rserver3.exe (Famatech Corp.) PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\f01c5c76d0a19516a37b7bd191a02cda\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\DYMO\DYMO Label Software\DYMO.Common.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Programme\Notepad++\NppShell_01.dll () MOD - C:\Windows\System32\rserver30\1031.lng_rad () MOD - C:\Programme\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL () ========== Win32 Services (SafeList) ========== SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_7de0ed9.dll () SRV - (NWSAPAutoWorkstationUpdateSvc) -- C:\Programme\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (DymoPnpService) -- C:\Programme\DYMO\DYMO Label Software\DymoPnpService.exe (Sanford, L.P.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (tmlisten) -- C:\Programme\Trend Micro\OfficeScan Client\TmListen.exe (Trend Micro Inc.) SRV - (ntrtscan) -- C:\Programme\Trend Micro\OfficeScan Client\NTRtScan.exe (Trend Micro Inc.) SRV - (TmPfw) -- C:\Programme\Trend Micro\OfficeScan Client\TmPfw.exe (Trend Micro Inc.) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies, Inc.) SRV - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.) SRV - (TmProxy) -- C:\Programme\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (RServer3) -- C:\Windows\System32\rserver30\RServer3.exe (Famatech Corp.) SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (FirebirdGuardianDefaultInstance) -- C:\Programme\Firebird\V2_0_5\Bin\fbguard.exe (FirebirdSQL Project) SRV - (FirebirdServerDefaultInstance) -- C:\Programme\Firebird\V2_0_5\Bin\fbserver.exe (FirebirdSQL Project) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (TryAndDecideService) -- C:\Programme\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe () SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys () DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys () DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.) DRV - (TmFilter) -- C:\Programme\Trend Micro\OfficeScan Client\TmXpflt.sys (Trend Micro Inc.) DRV - (TmPreFilter) -- C:\Programme\Trend Micro\OfficeScan Client\TmPreflt.sys (Trend Micro Inc.) DRV - (VSApiNt) -- C:\Programme\Trend Micro\OfficeScan Client\vsapiNT.sys (Trend Micro Inc.) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (tmactmon) -- C:\Windows\System32\drivers\tmactmon.sys (Trend Micro Inc.) DRV - (tmevtmgr) -- C:\Windows\System32\drivers\tmevtmgr.sys (Trend Micro Inc.) DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.) DRV - (androidusb) -- C:\Windows\System32\drivers\androidusb.sys (Google Inc) DRV - (tmwfp) -- C:\Windows\System32\drivers\tmwfp.sys (Trend Micro Inc.) DRV - (tmlwf) -- C:\Windows\System32\drivers\tmlwf.sys (Trend Micro Inc.) DRV - (tmtdi) -- C:\Windows\System32\drivers\tmtdi.sys (Trend Micro Inc.) DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis) DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis) DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis) DRV - (tdrpman) -- C:\Windows\System32\drivers\tdrpman.sys (Acronis) DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH) DRV - (raddrvv3) -- C:\Windows\System32\rserver30\raddrvv3.sys (Famatech Corp.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (e1kexpress) Intel(R) -- C:\Windows\System32\drivers\e1k6032.sys (Intel Corporation) DRV - (BDA_Capture_220A) -- C:\Windows\System32\drivers\BDA_Capture_220A.sys (WideViewer Electronics CO., LTD) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (mirrorv3) -- C:\Windows\System32\drivers\rminiv3.sys (Famatech International Corp.) DRV - (BDA_Loader_220A) -- C:\Windows\System32\drivers\BDA_Loader_220A.sys (WideView Technology Inc.) DRV - (ZSMC303) VIMICRO USB PC Camera (VC0303) -- C:\Windows\System32\drivers\usbVM303.sys (Vimicro Corporation) DRV - (ECS_Loader_220) -- C:\Windows\System32\drivers\ECS_Loader_220.sys (WideView Technology Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A5 4F 3E 3C C8 78 CA 01 [binary data] IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.dpd.de;<local>;127.0.0.1:9421;*.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.17.15.39:3128 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://proxy.depot128.dpd.de/proxy.conf ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: netviewero2m@netviewero2m:1.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\bpreisne\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( ) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\bpreisne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\bpreisne\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\bpreisne\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\bpreisne\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\bpreisne\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.01 09:12:22 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netviewero2m@netviewero2m: C:\Program Files\Netviewer\Meet\plugins\firefox [2011.09.07 10:07:39 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.20 09:14:45 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.12 17:49:34 | 000,000,000 | -H-D | M] [2010.02.25 11:45:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bpreisne\AppData\Roaming\mozilla\Extensions [2012.03.14 12:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bpreisne\AppData\Roaming\mozilla\Firefox\Profiles\4hsf4sk4.default\extensions [2012.01.24 17:21:15 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\bpreisne\AppData\Roaming\mozilla\Firefox\Profiles\4hsf4sk4.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97} [2011.11.09 10:09:12 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.05.11 09:22:42 | 000,000,000 | -H-D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} () (No name found) -- C:\USERS\BPREISNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4HSF4SK4.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2012.02.20 09:14:44 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.02.02 21:40:24 | 000,472,808 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.10.06 08:27:37 | 000,001,392 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.06 08:27:37 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.10.06 08:27:37 | 000,001,153 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.10.06 08:27:37 | 000,006,805 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.06 08:27:37 | 000,001,178 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.06 08:27:37 | 000,001,105 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\bpreisne\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\bpreisne\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\bpreisne\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\bpreisne\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\bpreisne\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\bpreisne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Google Update (Enabled) = C:\Users\bpreisne\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Protect Disc License Acquisition Plugin (Enabled) = C:\Users\bpreisne\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\bpreisne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Page Speed = C:\Users\bpreisne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\1.12.0.2_0\ CHR - Extension: META SEO inspector = C:\Users\bpreisne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibkclpciafdglkjkcibmohobjkcfkaef\1.8.1_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\bpreisne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\ O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (&Netviewer Meet) - {5D6FDD2C-2FED-43B9-8A9E-3F9FFA988E5D} - C:\Programme\Netviewer\Meet\plugins\ie\NVIEPluginMeet.dll (Netviewer AG) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.) O4 - HKCU..\Run: [DymoQuickPrint] C:\Program Files\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube Download - C:\Users\bpreisne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\bpreisne\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: crmdpd.int ([dpd-de] http in Lokales Intranet) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} hxxp://10.17.15.17:8080/officescan/console/html/root/AtxEnc.cab (Encrypt Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} hxxp://10.17.15.17:8080/officescan/console/html/root/AtxPie.cab (PieChart Class) O16 - DPF: {A52634AD-9341-40D6-AB02-08F300D2C8AC} hxxp://10.17.15.17:8080/officescan/console/html/root/AtxConsole.cab (Trend Micro OfficeScan Management-Konsole) O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57F43A23-7F98-4CF9-9461-A35475F6376F}: NameServer = 10.17.15.41 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F821F77-35C5-42E3-800C-F84DFC2E8C4A}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6D915F3-44E2-405E-A204-3E3770FDB10D}: DhcpNameServer = 193.189.244.225 193.189.244.206 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf) O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.03.15 03:02:52 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.03.15 03:02:45 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.03.15 03:02:38 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2012.03.15 03:02:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2012.03.15 03:02:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe [2012.03.15 03:02:29 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2012.03.14 16:40:12 | 012,644,232 | ---- | C] (Microsoft Corporation) -- C:\Users\bpreisne\Desktop\drvupdate-x86.exe [2012.03.14 16:36:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Windows Genuine Advantage [2012.03.14 12:26:59 | 000,046,928 | R--- | C] (Adobe Systems Inc) -- C:\Windows\System32\AdobePDF.dll [2012.03.14 12:26:59 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll [2012.02.17 09:55:57 | 000,000,000 | ---D | C] -- C:\Users\bpreisne\Desktop\CRM Februar [2012.02.17 09:18:37 | 000,000,000 | ---D | C] -- C:\Users\bpreisne\AppData\Roaming\Malwarebytes [2012.02.17 09:17:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.17 09:17:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes [2012.02.17 09:17:13 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.17 09:17:13 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.02.16 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\bpreisne\AppData\Roaming\PCPro [2012.02.16 14:54:39 | 000,000,000 | ---D | C] -- C:\Users\bpreisne\AppData\Roaming\PC Cleaners [2012.02.16 14:54:34 | 005,276,432 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe [2012.02.16 14:54:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\PC1Data [2012.02.16 03:02:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.02.16 03:02:12 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.02.16 03:02:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.02.16 03:02:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.02.16 03:02:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.02.16 03:02:09 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.08.31 15:15:41 | 001,481,928 | ---- | C] (HTC) -- C:\Users\bpreisne\AppData\Local\ROMUpdateUtility.exe [2011.08.31 15:15:41 | 001,449,160 | ---- | C] (HTC) -- C:\Users\bpreisne\AppData\Local\RUUResource.dll [2011.08.31 15:15:41 | 000,175,304 | ---- | C] (HTC) -- C:\Users\bpreisne\AppData\Local\rapitool.exe [2011.08.31 15:15:41 | 000,008,904 | ---- | C] (HTC) -- C:\Users\bpreisne\AppData\Local\EnterBootloader.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.03.16 15:45:32 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.16 15:45:32 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.16 15:43:56 | 000,709,650 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.03.16 15:43:56 | 000,664,338 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.03.16 15:43:56 | 000,146,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.03.16 15:43:56 | 000,122,602 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.03.16 15:40:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.03.16 15:39:44 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.16 15:38:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.16 15:38:07 | 2615,365,632 | -HS- | M] () -- C:\hiberfil.sys [2012.03.16 15:32:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000UA.job [2012.03.16 15:22:08 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.16 14:54:00 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000UA.job [2012.03.16 12:46:44 | 000,000,663 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.16 12:13:41 | 000,441,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.03.16 12:11:18 | 000,338,432 | -H-- | M] () -- C:\ProgramData\vEiB290cKTp8YX.exe [2012.03.16 09:56:48 | 004,428,831 | ---- | M] () -- C:\Users\bpreisne\Desktop\DPD_renz.pdf [2012.03.16 09:53:32 | 001,390,379 | ---- | M] () -- C:\Users\bpreisne\Desktop\SCAN0084.JPG [2012.03.16 09:53:32 | 001,346,186 | ---- | M] () -- C:\Users\bpreisne\Desktop\SCAN0085.JPG [2012.03.16 09:15:55 | 000,002,052 | -H-- | M] () -- C:\Users\bpreisne\Documents\Default.rdp [2012.03.16 08:54:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000Core.job [2012.03.16 07:37:31 | 000,009,268 | ---- | M] () -- C:\Windows\cfgall.ini [2012.03.16 00:32:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000Core.job [2012.03.14 16:41:02 | 012,644,232 | ---- | M] (Microsoft Corporation) -- C:\Users\bpreisne\Desktop\drvupdate-x86.exe [2012.03.13 11:52:37 | 000,000,600 | ---- | M] () -- C:\Users\bpreisne\AppData\Local\PUTTY.RND [2012.03.13 09:56:30 | 012,062,011 | ---- | M] () -- C:\Users\bpreisne\Desktop\DELIComVPN.zip [2012.03.09 09:17:51 | 000,001,760 | ---- | M] () -- C:\Users\bpreisne\Desktop\foto.lnk [2012.03.08 12:32:46 | 004,566,121 | ---- | M] () -- C:\Users\bpreisne\Desktop\Elixmann_Foto.jpg [2012.03.06 18:04:45 | 000,001,456 | ---- | M] () -- C:\Users\bpreisne\AppData\Local\Adobe Für Web speichern 11.0 Prefs [2012.03.06 15:29:26 | 000,187,988 | ---- | M] () -- C:\Users\Public\Documents\DSM.pdf [2012.02.29 11:54:38 | 000,059,327 | ---- | M] () -- C:\Users\bpreisne\Desktop\lieferschein_activa.pdf [2012.02.27 11:37:52 | 000,000,771 | ---- | M] () -- C:\Windows\ODBC.INI [2012.02.23 15:33:57 | 000,037,167 | ---- | M] () -- C:\Users\bpreisne\Desktop\File Format STATUSDATA _D_E_.pdf [2012.02.17 06:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2012.02.16 14:54:35 | 000,000,938 | ---- | M] () -- C:\Users\bpreisne\Desktop\PC Cleaner Pro.lnk [2012.02.16 14:54:15 | 005,276,432 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe [2012.02.16 10:28:02 | 001,002,784 | ---- | M] () -- C:\Users\bpreisne\Desktop\662.pdf [2012.02.16 10:27:56 | 002,376,012 | ---- | M] () -- C:\Users\bpreisne\Desktop\660.pdf [2012.02.16 10:27:49 | 005,742,904 | ---- | M] () -- C:\Users\bpreisne\Desktop\Katalog_low.pdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.16 12:46:44 | 000,000,663 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.16 12:11:18 | 000,338,432 | -H-- | C] () -- C:\ProgramData\vEiB290cKTp8YX.exe [2012.03.16 09:56:48 | 004,428,831 | ---- | C] () -- C:\Users\bpreisne\Desktop\DPD_renz.pdf [2012.03.16 09:53:32 | 001,390,379 | ---- | C] () -- C:\Users\bpreisne\Desktop\SCAN0084.JPG [2012.03.16 09:53:32 | 001,346,186 | ---- | C] () -- C:\Users\bpreisne\Desktop\SCAN0085.JPG [2012.03.13 09:53:33 | 012,062,011 | ---- | C] () -- C:\Users\bpreisne\Desktop\DELIComVPN.zip [2012.03.08 12:30:06 | 004,566,121 | ---- | C] () -- C:\Users\bpreisne\Desktop\Elixmann_Foto.jpg [2012.03.06 15:29:59 | 000,187,988 | ---- | C] () -- C:\Users\Public\Documents\DSM.pdf [2012.02.29 11:54:38 | 000,059,327 | ---- | C] () -- C:\Users\bpreisne\Desktop\lieferschein_activa.pdf [2012.02.23 15:33:57 | 000,037,167 | ---- | C] () -- C:\Users\bpreisne\Desktop\File Format STATUSDATA _D_E_.pdf [2012.02.20 16:06:42 | 039,386,823 | ---- | C] () -- C:\Users\bpreisne\Desktop\ITIL V3 Basiszertifizierung (STD).pdf [2012.02.16 14:54:35 | 000,000,938 | ---- | C] () -- C:\Users\bpreisne\Desktop\PC Cleaner Pro.lnk [2012.02.16 10:27:56 | 001,002,784 | ---- | C] () -- C:\Users\bpreisne\Desktop\662.pdf [2012.02.16 10:27:31 | 002,376,012 | ---- | C] () -- C:\Users\bpreisne\Desktop\660.pdf [2012.02.16 10:27:22 | 005,742,904 | ---- | C] () -- C:\Users\bpreisne\Desktop\Katalog_low.pdf [2012.02.14 11:16:05 | 000,922,184 | ---- | C] () -- C:\Windows\System32\pwNative.exe [2012.02.14 11:16:05 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys [2012.02.14 11:16:03 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys [2012.01.06 13:17:47 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe [2011.11.11 11:15:32 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011.11.08 16:26:13 | 001,064,960 | ---- | C] () -- C:\Windows\System32\h5krnl32.dll [2011.11.08 16:26:13 | 000,175,616 | ---- | C] () -- C:\Windows\System32\h5menu32.dll [2011.11.08 16:26:13 | 000,095,744 | ---- | C] () -- C:\Windows\System32\h5rtf32.dll [2011.11.08 16:26:13 | 000,051,200 | ---- | C] () -- C:\Windows\System32\h5tool32.dll [2011.11.08 16:26:12 | 000,188,928 | ---- | C] () -- C:\Windows\System32\h5icon32.dll [2011.08.31 15:15:41 | 000,213,864 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\ModelID.fig [2011.08.31 15:15:41 | 000,141,368 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\ErrorUSB.fig [2011.08.31 15:15:41 | 000,095,552 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\ErrorBattery.fig [2011.08.31 15:15:41 | 000,013,512 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\RUUGetInfo.exe [2011.08.31 15:15:41 | 000,000,013 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\ROMUpdateUtility.cfg [2011.08.04 09:30:47 | 000,038,447 | ---- | C] () -- C:\Users\bpreisne\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2011.07.29 09:50:03 | 000,001,662 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.06.07 11:48:53 | 000,000,018 | ---- | C] () -- C:\Users\bpreisne\AppData\Roaming\sys386ll.dat [2011.06.07 10:40:25 | 000,000,010 | ---- | C] () -- C:\Users\bpreisne\AppData\Roaming\hhxprot5 [2011.05.24 12:47:13 | 000,119,965 | ---- | C] () -- C:\Windows\cgmxp32.ini [2011.05.11 09:24:13 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2011.05.03 10:38:59 | 000,166,944 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.04.21 14:51:38 | 000,000,270 | -H-- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.03.09 13:24:45 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.01.06 13:19:35 | 000,001,456 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\Adobe Für Web speichern 11.0 Prefs [2010.11.10 02:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2010.11.10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2010.11.10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2010.11.10 02:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2010.11.01 12:22:13 | 000,004,096 | -H-- | C] () -- C:\Users\bpreisne\AppData\Local\keyfile3.drm [2010.09.06 12:18:48 | 000,000,068 | ---- | C] () -- C:\Windows\KMSTMVM.ini [2010.09.06 12:07:44 | 000,000,027 | ---- | C] () -- C:\Windows\EZSET_SP.INI [2010.09.06 10:34:22 | 000,000,681 | ---- | C] () -- C:\Windows\saplogon.ini [2010.09.06 09:59:31 | 000,015,872 | ---- | C] () -- C:\Windows\System32\vtssm32.dll [2010.07.30 12:35:24 | 000,007,671 | ---- | C] () -- C:\Users\bpreisne\AppData\Local\Resmon.ResmonCfg [2010.07.21 07:56:06 | 000,000,161 | ---- | C] () -- C:\Windows\DISPARAM.INI [2010.07.16 15:50:23 | 000,015,156 | ---- | C] () -- C:\Windows\System32\SELF32.INI [2010.06.29 12:40:51 | 000,000,088 | RHS- | C] () -- C:\ProgramData\3A84F502AF.sys [2010.06.29 12:40:50 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll ========== LOP Check ========== [2011.06.07 11:48:53 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\10-Sekunden-Haushaltsbuch [2011.06.06 13:15:25 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Aquamarin Haushaltsbuch [2010.04.09 12:39:21 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\BayCalculator [2012.02.02 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Downloaded Installations [2011.08.05 11:00:36 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\DVDVideoSoft [2011.08.05 11:00:23 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\DVDVideoSoftIEHelpers [2011.06.24 12:58:48 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\excellbook [2011.06.15 13:22:20 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\FileZilla [2010.11.26 09:15:52 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\hdbADS [2012.01.06 13:03:39 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\iolo [2010.03.04 10:37:50 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Leadertech [2012.02.17 12:02:11 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Nitro PDF [2010.03.11 15:15:52 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Notepad++ [2010.03.29 15:09:02 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Nvu [2010.02.26 13:27:05 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\OPHG [2012.02.16 14:54:39 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\PC Cleaners [2012.02.16 14:54:39 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\PCPro [2010.07.21 10:14:49 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\PFU [2011.06.06 16:16:54 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\ProtectDisc [2010.02.25 11:38:24 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Radmin [2010.10.04 15:22:55 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\rockbox.org [2011.04.05 09:32:32 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\SanDisk [2012.02.23 10:34:57 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\SAP [2010.03.02 09:48:47 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\SpeedProject [2011.07.27 14:46:17 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\The Bat! [2010.06.29 14:06:37 | 000,000,000 | ---D | M] -- C:\Users\bpreisne\AppData\Roaming\Ulead Systems [2012.03.16 08:54:00 | 000,001,128 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000Core.job [2012.03.16 14:54:00 | 000,001,150 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-318477192-2915143298-3550291535-1000UA.job [2009.07.14 05:53:46 | 000,028,348 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 16.03.2012 16:08:44 - Run 1
OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\Administrator\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 57,59% Memory free
6,49 Gb Paging File | 4,38 Gb Available in Paging File | 67,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,88 Gb Total Space | 190,25 Gb Free Space | 63,87% Space Free | Partition Type: NTFS
Drive I: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive Y: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive Z: | 897,28 Gb Total Space | 609,17 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Computer Name: WIN7-PREISNER | User Name: bpreisne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1" = HD2 Toolkit Version 4.2
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F507073-75D3-4900-9200-9973517FC57A}" = PBX Unified Maintenance Console
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 24
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MyODBC
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}" = ArcSoft MediaImpression
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1" = MiniTool Partition Wizard Home Edition 7.1
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{397FF711-8BD9-4388-ADFC-2A878B83F018}" = Cisco Network Assistant
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A8C4C87-D460-488A-A0AA-8993F6D355B1}" = Radmin Server 3.4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DCF21FE-A8CB-41DE-AEA3-D5FBEF108CD5}" = Microsoft Office Outlook-Minianwendungen für Windows SideShow
"{40BF1520-BAB7-4B38-A2FB-C474A888FACA}" = The Bat! Professional v3.99.3
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.0
"{4D371573-2CDC-33E5-AA15-1CB3FDD6EABF}" = Google Talk Plugin
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59B13FD3-AD00-4E2C-AE30-0556451EC0DE}" = ScanSnap Organizer
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5E994A95-9388-4D10-8E68-54B8CBF894D3}" = Microsoft Application Error Reporting
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}" = Acronis*True*Image*Home
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B04486B-3B9E-4F08-9BC1-F94EA1E83108}_is1" = DELISprint 6
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E4CB404-F1E4-4E81-A1CB-2CBB310481D1}" = MLE
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{9480CCD5-BB18-4DF3-AB18-04198B30DD62}" = DELISprint
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B8A821E-1FCE-45D1-8BEC-738F5AAB20D8}" = Radmin Viewer 3.4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}_920" = Adobe Acrobat 9.2.0 - CPSID_50026
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B28EA0EF-885D-76AC-5047-6728915786AD}" = ExcellBook
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C38D079C-950D-4F18-BF7B-CE58DE86D3BD}" = Image Resizer Powertoy Clone for Windows
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{D015E568-54C8-471F-8C1C-C1A944EF56BF}" = ACD Report Server
"{D122C44C-0CE8-4E7C-8D18-06F81CA27567}" = Netviewer Meet
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}" = ScanSnap Manager
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E58F3B88-3B3E-4F85-9323-04789D979C15}" = ScanSnap Organizer
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup
"{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F116CCCA-2761-41C7-A15E-1171E6B42D8B}" = ESTOS ProCall Enterprise / TapiServer
"{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO
"{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8423392-2296-4748-9B66-344432459632}" = PureHD
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic
"{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"10-Sekunden-Haushaltsbuch 5" = 10-Sekunden-Haushaltsbuch 5 5.10
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"ASTVAPP" = Yakumo TV Viewer - Uninstall
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup.divx.com" = DivX-Setup
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DYMO Label v.8" = DYMO Label v.8
"excellbook" = ExcellBook
"FileZilla Client" = FileZilla Client 3.5.0
"Firebird Server" = Firebird SQL-Datenbankserver V2.0.5 für Amicron-Faktura und Mailoffice
"Foxit PDF Editor" = Foxit PDF Editor
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free Studio_is1" = Free Studio version 4.9
"Free Video Dub_is1" = Free Video Dub version 1.7
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.11.727
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.37.426
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{D015E568-54C8-471F-8C1C-C1A944EF56BF}" = ACD Report Server
"JXplorer 3.2.1" = JXplorer
"Kyocera Product Library" = Kyocera Product Library
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NAVIGON Fresh" = NAVIGON Fresh 3.3.1
"nLite_is1" = nLite 1.4.9.1
"Notepad++" = Notepad++
"Nvu_is1" = Nvu 1.0
"OfficeScanNT" = Trend Micro OfficeScan Client
"PC Cleaners" = PC Cleaners
"PROPLUS" = Microsoft Office Professional Plus 2007
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RAIDar 4.1.3" = RAIDar 4.1.3
"SAP_ECL" = ECL Viewer
"SAP_WUS" = SAPSetup Automatic Workstation Update Service
"SAPBI" = SAP Business Explorer
"SAPGUI710" = SAP GUI for Windows 7.20
"Schwimmen" = Schwimmen 3.0
"SpeedCommander 13" = SpeedCommander 13
"tn5250_is1" = tn5250 0.17.3
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"f031ef6ac137efc5" = Dell Driver Download Manager
"Google Chrome" = Google Chrome
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.02.2012 06:41:36 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: odbcad32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bcd4c Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bd3e ID des fehlerhaften
Prozesses: 0xd0c Startzeit der fehlerhaften Anwendung: 0x01ccf2e0d6f457a9 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\odbcad32.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\ole32.dll Berichtskennung: 1f62b464-5ed4-11e1-929c-002564a189b4
Error - 24.02.2012 07:17:02 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: odbcad32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bcd4c Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bd3e ID des fehlerhaften
Prozesses: 0x7f8 Startzeit der fehlerhaften Anwendung: 0x01ccf2e5ccc086bd Pfad der
fehlerhaften Anwendung: C:\Windows\system32\odbcad32.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\ole32.dll Berichtskennung: 12f788ca-5ed9-11e1-929c-002564a189b4
Error - 27.02.2012 06:37:54 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: odbcad32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bcd4c Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bd3e ID des fehlerhaften
Prozesses: 0x1bf4 Startzeit der fehlerhaften Anwendung: 0x01ccf53bb6725941 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\odbcad32.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\ole32.dll Berichtskennung: 1ab5c090-612f-11e1-929c-002564a189b4
Error - 27.02.2012 09:48:00 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TDAL.exe, Version: 0.0.0.0, Zeitstempel:
0x4cd00997 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x60bde8ce ID des fehlerhaften Prozesses:
0x414 Startzeit der fehlerhaften Anwendung: 0x01ccf543d7aad0e8 Pfad der fehlerhaften
Anwendung: C:\Program Files\Panasonic\KX-TDA600 Maintenance Console\V500\TDAL.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: a94fb4ff-6149-11e1-929c-002564a189b4
Error - 27.02.2012 12:31:33 | Computer Name = win7-preisner | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: d54 Startzeit: 01ccf168d29dfc79 Endzeit: 526 Anwendungspfad:
C:\Windows\explorer.exe Berichts-ID: 7fac6934-6160-11e1-929c-002564a189b4
Error - 28.02.2012 05:12:26 | Computer Name = win7-preisner | Source = Application Hang | ID = 1002
Description = Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1f08 Startzeit: 01ccf56d44a99be5 Endzeit: 24 Anwendungspfad:
C:\Windows\explorer.exe Berichts-ID: 52f41df0-61ec-11e1-929c-002564a189b4
Error - 29.02.2012 08:14:57 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: odbcad32.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bcd4c Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce7b96f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003bd3e ID des fehlerhaften
Prozesses: 0x5f4 Startzeit der fehlerhaften Anwendung: 0x01ccf6da9433ef05 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\odbcad32.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\ole32.dll Berichtskennung: fe73d70f-62ce-11e1-929c-002564a189b4
Error - 14.03.2012 07:12:22 | Computer Name = win7-preisner | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 10.0.2.4428 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fac Startzeit:
01ccfb728fd22eb9 Endzeit: 349 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID:
8e4f89ff-6dc6-11e1-9348-002564a189b4
Error - 16.03.2012 07:30:58 | Computer Name = win7-preisner | Source = Wininit | ID = 1015
Description = Ein kritischer Systemprozess C:\Windows\system32\lsm.exe ist fehlgeschlagen
mit den Statuscode 1. Der Computer muss neu gestartet werden.
Error - 16.03.2012 10:40:32 | Computer Name = win7-preisner | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 11.0.6715.60,
Zeitstempel: 0x43306199 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00053555 ID des fehlerhaften
Prozesses: 0x11a0 Startzeit der fehlerhaften Anwendung: 0x01cd0382a203eabd Pfad der
fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Berichtskennung:
fb45ef3d-6f75-11e1-9130-002564a189b4
[ OSession Events ]
Error - 14.07.2010 10:11:17 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 26695
seconds with 4260 seconds of active time. This session ended with a crash.
Error - 20.09.2010 02:49:45 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 344170
seconds with 5040 seconds of active time. This session ended with a crash.
Error - 22.09.2010 05:34:16 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 182664
seconds with 7140 seconds of active time. This session ended with a crash.
Error - 19.10.2010 03:57:17 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 434687
seconds with 10860 seconds of active time. This session ended with a crash.
Error - 22.06.2011 04:56:09 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 90002
seconds with 2820 seconds of active time. This session ended with a crash.
Error - 04.07.2011 07:27:09 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 5609
seconds with 660 seconds of active time. This session ended with a crash.
Error - 31.08.2011 08:47:02 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 15112
seconds with 1020 seconds of active time. This session ended with a crash.
Error - 23.12.2011 03:30:21 | Computer Name = win7-preisner | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 578691
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 16.03.2012 10:31:33 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:34:53 | Computer Name = win7-preisner | Source = DCOM | ID = 10010
Description =
Error - 16.03.2012 10:34:56 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:34:57 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:38:12 | Computer Name = win7-preisner | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.03.2012 10:38:12 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:38:12 | Computer Name = win7-preisner | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 16.03.2012 10:38:12 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:39:36 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 16.03.2012 10:39:36 | Computer Name = win7-preisner | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
|
|
16.03.2012, 19:35
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows detected a hard disk problemZitat:
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
19.03.2012, 09:45
| #3 |
| | Windows detected a hard disk problem Die Logdateien kann ich leider nicht mehr einsehen, aber folgendes wurde gefunden:
__________________PUM.HijackStartMenu Rogue.FakeHDD PUM.Hijack.TaskManager Ich hoffe du hast eine Lösung, vielen Dank |
|
19.03.2012, 11:53
| #4 |
| | Windows detected a hard disk problem So ich habe nochmals einen vollständigen Suchlauf mit Malwarebytes gemacht, anbei der Code Code:
ATTFilter Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.03.19.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Administrator :: WIN7-123 [Administrator] 19.03.2012 09:54:33 mbam-log-2012-03-19 (09-54-33).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 437794 Laufzeit: 1 Stunde(n), 55 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\ProgramData\vEiB290cKTp8YX.exe (Backdoor.Agent.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
19.03.2012, 16:52
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows detected a hard disk problemZitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Windows detected a hard disk problem |
| 0x00000001, 7-zip, akamai, bho, bonjour, conduit, converter, disabletaskmgr, encrypt, error, excel, firefox, flash player, format, ftp, google, google chrome, google earth, helper, host.exe, hängen, iexplore.exe, install.exe, intranet, langs, limited.com/facebook, microsoft office 2003, microsoft office word, mozilla, mp3, office 2007, plug-in, problem, programm, registry, rundll, scan, searchscopes, security, security update, software, systemprozess, taskhost.exe, vcredist, version=1.0, windows |
