Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?

Hexana · 12.08.2010, 17:13

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12.08.2010 17:13:33 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Programme
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,26 Gb Total Space | 16,81 Gb Free Space | 45,12% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 224,74 Gb Free Space | 96,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ANDREAS-D73743F
Current User Name: Popeye2
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\Productivity Keyboard\Skdaemon.exe (LITE-ON TECHNOLOGY CORP.)
PRC - C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
PRC - C:\Programme\Lexmark X1100 Series\lxbkbmon.exe (Lexmark International, Inc.)
PRC - C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
PRC - C:\Programme\Hewlett-Packard\HP Software Update\hpwuSchd.exe (Hewlett-Packard)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Programme\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\WINDOWS\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\WINDOWS\system32\DRIVERS\kl1.sys (Kaspersky Lab ZAO)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (CLEDX) -- C:\WINDOWS\system32\drivers\cledx.sys (Team H2O)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (RVIEGVST) -- C:\Programme\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys (Roland)
DRV - (RVIEG01) -- C:\Programme\Roland\Virtual Sound Canvas DXi\RVIEg01.sys (Roland)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 1B 2E 2E 50 99 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.08.11 06:41:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.08.11 06:40:45 | 000,000,000 | ---D | M]
 
[2010.07.29 23:31:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Mozilla\Extensions
[2010.07.29 23:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [H2O] C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [Lexmark X1100 Series] C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [SKDaemon.exe] C:\Programme\Lenovo\Productivity Keyboard\Skdaemon.exe (LITE-ON TECHNOLOGY CORP.)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Popeye2\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKCU\..Trusted Domains: icq.com ([]http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: karaoke-version.com ([]http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: wer-kennt-wen.de ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241723282258 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241726072343 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Popeye2\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Popeye2\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.05.10 18:30:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2010.05.10 18:30:10 | 000,000,040 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.31 06:21:47 | 000,000,000 | ---D | C] -- C:\pt
[2010.08.30 18:34:05 | 000,000,000 | ---D | C] -- C:\Programme\Roland
[2010.08.30 18:33:26 | 000,000,000 | ---D | C] -- C:\Programme\PowerTracks DirectX Plugins
[2010.08.30 18:31:47 | 000,000,000 | ---D | C] -- C:\bb
[2010.08.30 18:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Band in
[2010.08.12 17:05:42 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Programme\OTL.exe
[2010.08.12 10:04:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Programme\HiJackThis204.exe
[2010.08.11 13:18:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Malwarebytes
[2010.08.11 13:18:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.11 13:18:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.11 13:18:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.11 13:18:02 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.11 13:17:12 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Programme\mbam-setup-1.46.exe
[2010.08.11 13:11:24 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.08.11 13:11:19 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.11 06:39:54 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.08.11 06:39:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
[2010.08.11 06:39:30 | 000,482,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010.08.11 06:24:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
[2010.08.11 06:22:07 | 109,342,472 | ---- | C] (Kaspersky Lab) -- C:\Programme\kis11.0.1.400de.exe
[2010.07.30 21:13:01 | 000,000,000 | ---D | C] -- C:\Programme\NTFS Undelete
[2010.07.30 21:11:59 | 001,964,556 | ---- | C] (Atola Technology                                            ) -- C:\Programme\ntfsundelete.exe
[2010.07.29 23:31:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Mozilla
[2010.07.29 23:31:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Popeye2\Lokale Einstellungen\Anwendungsdaten\Thunderbird
[2010.07.29 23:31:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Thunderbird
[2010.07.29 23:30:54 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2010.07.29 23:29:59 | 009,297,080 | ---- | C] (Mozilla) -- C:\Programme\Thunderbird Setup 3.1.1.exe
[2010.07.25 15:06:21 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2010.07.25 15:06:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Popeye2\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB
[2010.07.22 06:59:25 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.07.14 09:17:03 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.31 10:55:03 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\PGTEXTJE.FOT
[2010.08.31 06:23:38 | 000,000,443 | ---- | M] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\PowerTracks Pro Audio.lnk
[2010.08.30 19:14:06 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\PGTEXTJ_.FOT
[2010.08.30 19:14:06 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\PGTEXT.FOT
[2010.08.30 19:14:06 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\PGCHORDS.FOT
[2010.08.30 18:35:00 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\PGMUS.FOT
[2010.08.30 18:35:00 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\pgjazz__.FOT
[2010.08.30 18:33:25 | 000,000,647 | ---- | M] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\RealBand.lnk
[2010.08.30 18:33:25 | 000,000,443 | ---- | M] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\Band-in-a-Box.lnk
[2010.08.12 17:48:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3D906343-AD9F-4AD5-BE4D-3187AAB5FF9D}.job
[2010.08.12 17:05:58 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Programme\OTL.exe
[2010.08.12 13:13:51 | 000,013,684 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.12 13:12:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.12 13:12:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.12 13:12:10 | 1609,617,408 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.12 12:07:35 | 003,670,016 | -H-- | M] () -- C:\Dokumente und Einstellungen\Popeye2\ntuser.dat
[2010.08.12 12:07:35 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Popeye2\ntuser.ini
[2010.08.12 10:04:26 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Programme\HiJackThis204.exe
[2010.08.12 09:22:32 | 000,152,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.11 23:47:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.08.11 23:44:52 | 000,996,362 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.11 23:44:52 | 000,448,396 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.08.11 23:44:52 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.11 23:44:52 | 000,080,092 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.08.11 23:44:52 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.11 13:18:09 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 13:17:16 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Programme\mbam-setup-1.46.exe
[2010.08.11 13:10:15 | 000,339,991 | ---- | M] () -- C:\Programme\RSIT.exe
[2010.08.11 07:13:22 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.08.11 07:13:22 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.08.11 06:39:30 | 000,482,392 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010.08.11 06:24:19 | 109,342,472 | ---- | M] (Kaspersky Lab) -- C:\Programme\kis11.0.1.400de.exe
[2010.07.30 21:13:02 | 000,000,655 | ---- | M] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\NTFS Undelete.lnk
[2010.07.30 21:12:50 | 001,964,556 | ---- | M] (Atola Technology                                            ) -- C:\Programme\ntfsundelete.exe
[2010.07.29 23:31:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010.07.29 23:30:58 | 000,001,632 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Thunderbird.lnk
[2010.07.29 23:30:21 | 009,297,080 | ---- | M] (Mozilla) -- C:\Programme\Thunderbird Setup 3.1.1.exe
[2010.07.27 08:29:42 | 008,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.25 14:43:37 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\DVDVideoSoft Free Studio.lnk
[2010.07.16 20:43:42 | 000,000,066 | ---- | M] () -- C:\WINDOWS\BBW_INFO.INI
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.31 10:55:03 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\PGTEXTJE.FOT
[2010.08.31 06:23:38 | 000,000,443 | ---- | C] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\PowerTracks Pro Audio.lnk
[2010.08.30 19:14:06 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\PGTEXTJ_.FOT
[2010.08.30 19:14:06 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\PGTEXT.FOT
[2010.08.30 19:14:06 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\PGCHORDS.FOT
[2010.08.30 18:35:00 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\PGMUS.FOT
[2010.08.30 18:35:00 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\pgjazz__.FOT
[2010.08.30 18:35:00 | 000,000,066 | ---- | C] () -- C:\WINDOWS\BBW_INFO.INI
[2010.08.30 18:33:25 | 000,059,004 | ---- | C] () -- C:\WINDOWS\System32\Pgtextj_.ttf
[2010.08.30 18:33:25 | 000,051,864 | ---- | C] () -- C:\WINDOWS\System32\Pgtextje.ttf
[2010.08.30 18:33:25 | 000,048,072 | ---- | C] () -- C:\WINDOWS\System32\Pgjazz__.ttf
[2010.08.30 18:33:25 | 000,000,647 | ---- | C] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\RealBand.lnk
[2010.08.30 18:33:25 | 000,000,443 | ---- | C] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\Band-in-a-Box.lnk
[2010.08.30 18:33:24 | 000,153,064 | ---- | C] () -- C:\WINDOWS\System32\Pgchords.ttf
[2010.08.30 18:33:24 | 000,153,064 | ---- | C] () -- C:\WINDOWS\System\Pgchords.ttf
[2010.08.30 18:33:24 | 000,059,004 | ---- | C] () -- C:\WINDOWS\System\Pgtextj_.ttf
[2010.08.30 18:33:24 | 000,051,864 | ---- | C] () -- C:\WINDOWS\System\Pgtextje.ttf
[2010.08.30 18:33:24 | 000,049,896 | ---- | C] () -- C:\WINDOWS\System32\Pgtext.ttf
[2010.08.30 18:33:24 | 000,049,896 | ---- | C] () -- C:\WINDOWS\System\Pgtext.ttf
[2010.08.30 18:33:24 | 000,048,072 | ---- | C] () -- C:\WINDOWS\System\Pgjazz__.ttf
[2010.08.30 18:33:24 | 000,047,252 | ---- | C] () -- C:\WINDOWS\System32\pgmus.ttf
[2010.08.30 18:33:24 | 000,047,252 | ---- | C] () -- C:\WINDOWS\System\pgmus.ttf
[2010.08.12 10:04:41 | 000,008,162 | ---- | C] () -- C:\Programme\hijackthis.log
[2010.08.11 13:18:09 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.11 13:10:11 | 000,339,991 | ---- | C] () -- C:\Programme\RSIT.exe
[2010.08.11 06:41:40 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.08.11 06:41:40 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.07.30 21:13:02 | 000,000,655 | ---- | C] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\NTFS Undelete.lnk
[2010.07.29 23:31:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.07.29 23:30:58 | 000,001,632 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Thunderbird.lnk
[2010.07.22 07:00:08 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\Popeye2\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.05 19:42:26 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2010.05.05 13:12:30 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009.06.09 09:09:57 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009.06.09 08:27:45 | 000,000,101 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2009.06.09 08:27:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2009.06.09 08:27:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2009.06.09 08:26:50 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2009.05.08 09:40:18 | 000,011,878 | ---- | C] () -- C:\WINDOWS\hpdj5800.ini
 
========== LOP Check ==========
 
[2010.05.04 21:19:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ChessBase
[2010.05.09 03:57:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2009.12.18 05:17:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.06.17 07:09:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Amazon
[2010.05.04 14:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\ChessBase
[2010.06.15 17:12:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.06.09 10:05:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\ICAClient
[2010.08.12 12:07:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\ICQ
[2010.05.05 13:16:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\MAGIX
[2009.06.09 11:30:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\OpenOffice.org
[2010.05.04 22:51:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Steinberg
[2010.07.29 23:31:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Popeye2\Anwendungsdaten\Thunderbird
[2010.08.12 17:48:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3D906343-AD9F-4AD5-BE4D-3187AAB5FF9D}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 154 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C22674B6
< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 12.08.2010 17:13:33 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Programme
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 59,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,26 Gb Total Space | 16,81 Gb Free Space | 45,12% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 224,74 Gb Free Space | 96,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ANDREAS-D73743F
Current User Name: Popeye2
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\DVDVideoSoft\Free Studio\Free YouTube to Mp3 Converter\FreeYouTubeToMP3Converter.exe" = C:\Programme\DVDVideoSoft\Free Studio\Free YouTube to Mp3 Converter\FreeYouTubeToMP3Converter.exe:*:Enabled:Free YouTube to MP3 Converter -- (DVDVideoSoft Limited.)
"C:\Programme\DVDVideoSoft\Free Studio\Free Audio CD to MP3 Converter\FreeAudioCDToMP3Converter.exe" = C:\Programme\DVDVideoSoft\Free Studio\Free Audio CD to MP3 Converter\FreeAudioCDToMP3Converter.exe:*:Disabled:Free Audio CD to MP3 Converter -- (DVDVideoSoft Limited.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{745877DC-8FFE-4E4C-ABBC-589B887A47D1}" = Virtual Sound Canvas DXi
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8FD66F0B-38FF-4834-88FF-56DC214A62ED}" = hp deskjet 5800
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{989DC5D9-A776-430D-9E16-D36E5B81CD86}" = USB Enhanced Performance Keyboard Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{DA22A6BB-10B5-4595-BD59-1AD4023C8536}" = Virtual Sound Canvas VST
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"AviSynth" = AviSynth 2.5
"BB_is1" = Band-in-a-Box Pro RealTracks
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"ie8" = Windows Internet Explorer 8
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"IrfanView" = IrfanView (remove only)
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Thunderbird (3.1.2)" = Mozilla Thunderbird (3.1.2)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NTFS Undelete_is1" = NTFS Undelete v0.94
"PG_DX_Plugins_is1" = PG Music DirectX Plugins 2.0.0.0
"Picasa 3" = Picasa 3
"PTW80_is1" = PowerTracks Pro Audio 6
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"Uninstall_is1" = Uninstall 1.0.0.1
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.07.2010 07:40:51 | Computer Name = ANDREAS-D73743F | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 13.07.2010 07:40:51 | Computer Name = ANDREAS-D73743F | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 18.07.2010 02:15:38 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 28.07.2010 11:23:35 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung ICQ.exe, Version 6.5.0.2024, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 01.08.2010 07:06:28 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 01.08.2010 07:06:30 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 05.08.2010 02:29:23 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 11.08.2010 00:32:51 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung setup.exe, Version 10.0.0.29, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 12.08.2010 11:11:06 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.9.1, Stillstandmodul 
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 12.08.2010 11:11:10 | Computer Name = ANDREAS-D73743F | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.9.1, Stillstandmodul 
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 30.08.2010 12:25:20 | Computer Name = ANDREAS-D73743F | Source = Windows Update Agent | ID = 16
Description = Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst
 "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem 
angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht,
 eine Verbindung herzustellen.
 
Error - 02.09.2010 02:13:07 | Computer Name = ANDREAS-D73743F | Source = Windows Update Agent | ID = 16
Description = Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst
 "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem 
angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht,
 eine Verbindung herzustellen.
 
Error - 16.06.2010 05:44:44 | Computer Name = ANDREAS-D73743F | Source = Print | ID = 6161
Description = Das Dokument Songliste Stephanie Blake Neue Liste, im Besitz von Popeye2,
 konnte nicht auf dem Drucker CutePDF Writer gedruckt werden. Datentyp: NT EMF 1.008.
 Größe der Warteschlangendatei in Bytes: 83284. Anzahl der gedruckten Bytes: 0. 
Gesamtanzahl der Seiten des Dokuments: 3. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\ANDREAS-D73743F. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 6 (0x6).
 
 
Error - 18.06.2010 04:28:08 | Computer Name = ANDREAS-D73743F | Source = ati2mtag | ID = 262252
Description = Treiber ati2dvag für display-Gerät \Device\Video0 befindet sich in
 einer unendlichen  Schleife. Wahrscheinlich funktioniert das Gerät fehlerhaft, oder
 die  Hardware wurde vom Gerätetreiber nicht ordnungsgemäß programmiert.  Wenden Sie
 sich an den Hardwarehersteller, um Treiberupdates zu beziehen.
 
Error - 18.06.2010 04:30:40 | Computer Name = ANDREAS-D73743F | Source = System Error | ID = 1003
Description = Fehlercode 000000ea, 1. Parameter 89698da8, 2. Parameter 896f4dc8,
 3. Parameter 89732c88, 4. Parameter 00000001.
 
 
< End of report >

--- --- ---

Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?

Log-Analyse und Auswertung: Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?

Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?

Ähnliche Themen: Habe ich einen Virus oder Malware oder sonstiges auf dem Rechner?