| |
| |||||||
Log-Analyse und Auswertung: flacor.dat - Windows fährt herunterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
17.05.2010, 23:39
| #1 |
 |  flacor.dat - Windows fährt herunter Hallo, ich habe mir ziemlich sicher etwas eingefangen: Zuerst ist mir aufgefallen, dass der Computer (Notebook, Windows XP, SP 3) plötzlich herunterfahren wollte. Es kam ein kleines Fenster mit der Nachricht, dass Windows heruntergefahren werde und es wurde die Zeit ~ 20 - 30 Sek. heruntergezählt. Veranlasst worden sei dies von Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:24:28, on 18.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\avmwlanstick\FRITZWLANMini.exe C:\Programme\AntiSpy\ProcessExplorer11_20\procexp.exe C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\taskmgr.exe C:\Programme\AntiSpy\Spybot - Search & Destroy\SpybotSD.exe C:\Programme\AntiSpy\HijackThis 2.0.2\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programme\IEPro\iepro.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [CP888M1] C:\PROGRA~1\EzButton\CP888M1.EXE O4 - HKLM\..\Run: [CeEPOWER] C:\WINDOWS\System32\CePMTray.exe O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\AntiSpy\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\AntiSpy\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Getdo] rundll32.exe "C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe\Update\flacor.dat"" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OUTLOOK.lnk = C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE O4 - Global Startup: Adobe Reader - Schnellstart.lnk.disabled O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\iepro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\iepro.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\VideoGet\Plugins\VideoGet_IE.dll O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\VideoGet\Plugins\VideoGet_IE.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**ps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programme\OpenVPN\bin\openvpnserv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 7020 bytes |
|
18.05.2010, 00:07
| #2 |
| | flacor.dat - Windows fährt herunter OTL Scan:
__________________Code:
ATTFilter OTL logfile created on: 18.05.2010 00:48:09 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 511,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 50,00% Memory free 1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 40,00 Gb Total Space | 1,08 Gb Free Space | 2,71% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 0,33 Gb Free Space | 1,66% Space Free | Partition Type: NTFS Drive E: | 51,78 Gb Total Space | 0,24 Gb Free Space | 0,47% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NOTEBOOK_*** Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) PRC - C:\Programme\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\23631764.nls () MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\nvdesk32.dll (NVIDIA Corporation) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) SRV - (OpenVPNService) -- C:\Programme\OpenVPN\bin\openvpnserv.exe () ========== Driver Services (SafeList) ========== DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (gmer) -- C:\WINDOWS\system32\drivers\gmer.sys (GMER) DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.) DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (tap0801) -- C:\WINDOWS\system32\drivers\tap0801.sys (The OpenVPN Project) DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH) DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\rtl8139.sys (Realtek Semiconductor Corporation) DRV - (wlluc48) -- C:\WINDOWS\system32\drivers\wlluc48.sys (Lucent Technologies) DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.) DRV - (FTLUND) -- C:\WINDOWS\system32\drivers\ftlund.sys (FTDI Ltd.) DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (EPOWER) -- C:\WINDOWS\system32\drivers\hkdrv.sys (Compal Electronic Inc.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (TOSHIBASoftModem) -- C:\WINDOWS\system32\drivers\LTSM.sys (LT) DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC) DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation) DRV - (ac97intc) Intel(r) 82801 Audiotreiber-Installationsdienst (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation) DRV - (KBFiltr) -- C:\WINDOWS\system32\drivers\KBFILTR.SYS (Dritek System Inc.) DRV - (pciSm) -- C:\WINDOWS\System32\DRIVERS\PciSmDrv.sys (Toshiba) DRV - (cs429x) -- C:\WINDOWS\system32\drivers\cwawdm.sys (Cirrus Logic, Inc.) DRV - (DPortIO) -- C:\WINDOWS\system32\drivers\DPORTIO.SYS (Dritek System Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://de.yahoo.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "h**p://de.yahoo.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {99B98C2C-7274-45a3-A640-D9DF1A1C8460}:1.4 FF - prefs.js..extensions.enabledItems: {9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD}:3.0.5 FF - prefs.js..extensions.enabledItems: optout@google.com:1.2 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.22 FF - prefs.js..extensions.enabledItems: {EDA7B1D7-F793-4e03-B074-E6F303317FB0}:1.2.6 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.74 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.21 FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.07.04 00:09:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.28 13:10:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.12 01:44:55 | 000,000,000 | ---D | M] [2008.07.03 14:17:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2010.05.17 13:17:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions [2010.05.15 12:08:07 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2009.11.11 03:16:47 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374} [2010.05.04 15:38:50 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.06.05 14:29:18 | 000,000,000 | ---D | M] (IE Tab) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2010.01.09 16:02:46 | 000,000,000 | ---D | M] (CookieCuller) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460} [2009.12.08 00:12:22 | 000,000,000 | ---D | M] (CookieSafe) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD} [2009.12.08 00:14:00 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.05.01 14:19:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009.10.13 00:03:01 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.05.17 13:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2009.08.12 14:02:03 | 000,000,000 | ---D | M] (Menu Editor) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0} [2010.02.14 14:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tai8px46.default\extensions\optout@google.com [2010.05.17 13:17:01 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.05.12 01:44:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.06.04 11:04:35 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.02.14 14:22:48 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.02.14 14:22:48 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.02.14 14:22:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.02.14 14:22:48 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.02.14 14:22:48 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.16 22:53:56 | 000,395,912 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 w*w.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 w*w.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 w*w.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 w*w.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 w*w.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 w*w.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 w*w.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 w*w.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 w*w.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 w*w.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 127.0.0.1 w*w.163ns.com O1 - Hosts: 127.0.0.1 163ns.com O1 - Hosts: 13669 more lines... O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IeCatch5 Class) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\Jccatch.dll (FlashGet) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll () O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Programme\FlashGet\fgiebar.dll (Amaze Soft) O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CeEPOWER] C:\WINDOWS\system32\CePMTray.exe (Compal) O4 - HKLM..\Run: [CP888M1] C:\Programme\EzButton\CP888M1.EXE (Dritek System Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\AntiSpy\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\AntiSpy\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk.disabled () O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OUTLOOK.lnk = C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm () O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\Programme\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} h**ps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (NVDESK32.DLL) - C:\WINDOWS\System32\nvdesk32.dll (NVIDIA Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2001.11.27 14:39:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{930e0ba1-4883-11dd-870e-00023f7441c8}\Shell - "" = AutoRun O33 - MountPoints2\{930e0ba1-4883-11dd-870e-00023f7441c8}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{930e0ba1-4883-11dd-870e-00023f7441c8}\Shell\AutoRun\command - "" = L:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.18 00:46:19 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.05.17 22:40:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2010.05.17 22:40:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.05.17 22:40:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.05.17 22:40:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.05.17 22:34:35 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\***\Desktop\mbam-setup-1.46.exe [2010.05.17 13:17:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\QuickScan [2010.05.16 16:50:14 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent [2010.05.15 22:48:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Musterbewerbungen [2010.05.12 01:44:55 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.05.12 01:44:55 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.05.12 01:44:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.05.12 01:44:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.05.05 03:01:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX [2010.05.01 02:03:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsfotos [2010.04.30 01:46:04 | 000,000,000 | ---D | C] -- C:\xcv [2010.04.30 01:16:21 | 000,000,000 | ---D | C] -- C:\Programme\PDF Editor 3 [2010.04.30 00:54:10 | 000,000,000 | ---D | C] -- C:\Programme\PDF Editor 2 [2010.04.30 00:20:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Thinstall [2010.04.28 13:19:11 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.04.28 13:18:02 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.04.28 13:18:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.04.28 12:55:25 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl [2010.04.26 02:31:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Kalender-Excel [2010.04.22 01:57:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\JULIA ========== Files - Modified Within 30 Days ========== [2010.05.18 00:46:30 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.05.17 23:03:55 | 010,485,760 | ---- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT [2010.05.17 22:38:09 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\***\Desktop\mbam-setup-1.46.exe [2010.05.17 08:37:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.05.17 08:36:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.05.17 08:36:55 | 535,871,488 | -HS- | M] () -- C:\hiberfil.sys [2010.05.17 08:35:18 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini [2010.05.17 00:28:01 | 001,381,547 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Regionaler%20_berblick%20S_den%20Ranking.pdf [2010.05.16 22:53:56 | 000,395,912 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.05.16 16:36:26 | 000,194,560 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.12 11:26:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.05.12 02:34:33 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Stellenangebote.doc [2010.05.10 18:22:59 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.05.07 03:22:08 | 000,000,731 | ---- | M] () -- C:\WINDOWS\win.ini [2010.05.06 17:05:11 | 000,024,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Ausgabenabrechnung mit Anna.xls [2010.05.05 00:53:47 | 000,023,040 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Aushang Nebentätigkeit.doc [2010.05.03 20:37:16 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe [2010.05.03 20:37:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE [2010.05.03 20:36:54 | 000,000,315 | ---- | M] () -- C:\WINDOWS\ST6UNST.000 [2010.05.01 16:03:00 | 017,295,360 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsfotos (Übersicht).doc [2010.05.01 03:57:34 | 000,000,120 | ---- | M] () -- C:\drmHeader.bin [2010.04.30 01:16:21 | 000,080,896 | ---- | M] () -- C:\WINDOWS\cadkasdeinst01.exe [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl ========== Files Created - No Company Name ========== [2010.05.17 00:28:00 | 001,381,547 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Regionaler%20_berblick%20S_den%20Ranking.pdf [2010.05.12 02:34:32 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Stellenangebote.doc [2010.05.06 16:55:16 | 000,024,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Ausgabenabrechnung mit Anna.xls [2010.05.05 00:46:09 | 000,023,040 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Aushang Nebentätigkeit.doc [2010.05.03 20:36:54 | 000,000,315 | ---- | C] () -- C:\WINDOWS\ST6UNST.000 [2010.05.01 02:01:05 | 017,295,360 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Bewerbungsfotos (Übersicht).doc [2010.04.29 23:51:08 | 000,080,896 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe [2010.01.02 16:42:38 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll [2009.07.11 18:12:01 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI [2009.07.10 23:32:54 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2009.03.29 00:38:33 | 000,000,092 | ---- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini [2008.11.26 23:08:59 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini [2008.11.26 23:08:57 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll [2008.08.07 04:12:14 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008.07.03 14:44:54 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2008.07.03 14:44:40 | 000,000,161 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini [2008.07.03 14:43:13 | 000,000,811 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2008.07.03 00:10:27 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2001.11.27 15:43:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2001.11.27 15:36:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI [2001.11.27 15:32:59 | 000,004,577 | ---- | C] () -- C:\WINDOWS\Tcds.ini [2001.11.27 15:28:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CePMTray.INI [2001.11.27 15:26:41 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini [2001.11.27 15:17:36 | 000,106,908 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2001.11.27 15:17:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2001.11.27 15:17:36 | 000,008,893 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2001.11.27 15:17:36 | 000,006,793 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2001.11.27 14:46:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\orun32.ini [2001.07.07 03:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI [1980.01.01 00:00:00 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 229 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FF81EB0 < End of report > Code:
ATTFilter OTL Extras logfile created on: 18.05.2010 00:48:09 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
511,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 50,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 40,00 Gb Total Space | 1,08 Gb Free Space | 2,71% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 0,33 Gb Free Space | 1,66% Space Free | Partition Type: NTFS
Drive E: | 51,78 Gb Total Space | 0,24 Gb Free Space | 0,47% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NOTEBOOK_***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [open_x2] -- "C:\Programme\xplorer2_lite\xplorer2.exe" /1 /M /T "%1" (ZabKat)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\setup\HPZnet01.exe" = F:\setup\HPZnet01.exe:*:Enabled:hpznet01.exe -- File not found
"F:\setup\hponicifs01.exe" = F:\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe -- File not found
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\FlashGet\flashget.exe" = C:\Programme\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\IEPro\MiniDM.exe" = C:\Programme\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0C7D85B0-8569-11D4-91EA-00003914300F}" = Network Device Switch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A9DEF19-760C-4e01-958F-D9B8E6C61B90}" = c5100_Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}" = TOSHIBA Console
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{4448ABF6-786D-4C3D-A49D-7BB237E6DD17}" = Foxit PDF IFilter
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4FB120F8-622C-4260-AB49-0F43A59CCF2A}" = iTunes
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{700C359B-A0A6-4851-8D66-23375EA7647A}" = Toshiba Benutzerhandbücher
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B3B9BC18-2A09-4728-9B46-12E85FF3F628}" = C5100
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E01DAC8B-2B00-4E8A-873B-9D26455AE5AE}" = mst IsUsedBy
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Apoint" = Alps Touch Pad
"Audacity_is1" = Audacity 1.2.6
"Audiograbber" = Audiograbber 1.83 SE
"Avidemux 2.5" = Avidemux 2.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"ClearProg" = ClearProg 1.6.0 Final
"CP888M1" = Easy Button
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Eraser" = Eraser
"FlashGet(JetCar)" = FlashGet(JetCar)
"Foxit PDF Editor" = Foxit PDF Editor
"FoxyTunesForFirefox" = FoxyTunes for Firefox
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"FTDICOMM" = SEMC DSS SyncStation Driver
"HijackThis" = HijackThis 2.0.2
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7Pro" = IE7Pro
"ie8" = Windows Internet Explorer 8
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"IrfanView" = IrfanView (remove only)
"Kalender-Excel_is1" = Kalender-Excel 8.6.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mp3tag" = Mp3tag v2.44
"MPE" = MyPhoneExplorer
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NTREGOPT_is1" = NTREGOPT 1.1j
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"OpenAL" = OpenAL
"OpenVPN" = OpenVPN 2.0.9-gui-1.0.3
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.80
"ST6UNST #1" = PKH-fix 3.2
"TOSHIBA Power Management" = TOSHIBA Power Management
"Tracks Eraser Pro_is1" = Tracks Eraser Pro v7.2
"VideoGet_is1" = VideoGet
"VLC media player" = VLC media player 1.0.1
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.2
"xp-AntiSpy" = xp-AntiSpy 3.96-8
"xplorer2l" = xplorer² lite
========== Last 10 Event Log Errors ==========
[ System Events ]
Error - 30.04.2010 22:52:36 | Computer Name = NOTEBOOK_*** | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.04.2010 22:52:37 | Computer Name = NOTEBOOK_*** | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.04.2010 22:52:38 | Computer Name = NOTEBOOK_*** | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.04.2010 22:52:39 | Computer Name = NOTEBOOK_*** | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 30.04.2010 22:52:41 | Computer Name = NOTEBOOK_*** | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 04.05.2010 08:58:38 | Computer Name = NOTEBOOK_*** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error - 04.05.2010 08:58:38 | Computer Name = NOTEBOOK_*** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 13.05.2010 19:51:38 | Computer Name = NOTEBOOK_*** | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst Dnscache.
Error - 14.05.2010 07:01:38 | Computer Name = NOTEBOOK_*** | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst WMI-Leistungsadapter.
Error - 14.05.2010 07:01:38 | Computer Name = NOTEBOOK_*** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WMI-Leistungsadapter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
< End of report >
|
|
19.05.2010, 12:10
| #3 | |
| | flacor.dat - Windows fährt herunter Kann mir niemand meine Fragen beantworten?
__________________Zitat:
|
|
| Themen zu flacor.dat - Windows fährt herunter |
| 0 bytes, ad-aware, antivir, antivir guard, avgnt, avira, bho, bonjour, computer, desktop, down, ebay, excel, flacor.dat, google, help, hijack, hijackthis, hkus\s-1-5-18, jusched.exe, logfile, malwarebytes' anti-malware, object, plug-in, preferences, programm, scan, software, system, taskmanager, updates, windows, windows xp |
