Home » Spyware & Browser Hijacker Support Forum » 100 TAN-Anforderung beim Einloggen ins Online-Banking » Themenansicht

100 TAN-Anforderung beim Einloggen ins Online-Banking
#0
02.05.2011, 12:05
schmuseking
Member

Beiträge: 36
#1 Seit Sonntag 1. Mai wird auf meinem Laptop beim Einloggen ins Online-Banking der Postbank eine Aufforderung angezeigt, die 100 TANs meine TAN-Liste einzugeben. Ich bin dieser Aufforderung natürlich nicht gefolgt, kann mich aber deshalb nicht mehr ins Online-Banking einloggen.

Es passierte zuerst mit Firefox. Ich habe dann den Internet-Explorer versucht, mit dem gleichen Ergebnis. Zwischendurch ging es dann mit Firefox wieder, mit Internet-Explorer nicht.

Auf dem Rechner ist McAfee installiert (aktuelle Fassung), ein durchgeführter Scan verlief aber erfolglos (0 Funde).

Ich habe dann nach Anleitung in diesem Forum Schritt 2 OTL.exe durchgeführt. Das Ergebnis sind folgende LOGFILES (Ich habe aber ersetzt;
meinen Namen durch NAME.VORNAME,
den Firmennamen durch F-NAME,
den Computernamen durch C-NAME):

OTL.Txt:

Code


OTL logfile created on: 02.05.2011 11:05:01 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = D:\_Privat\Programme
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): S:\pagefile.sys 1536 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 2,69 Gb Free Space | 13,77% Space Free | Partition Type: NTFS
Drive D: | 127,57 Gb Total Space | 118,14 Gb Free Space | 92,61% Space Free | Partition Type: NTFS
Drive S: | 1,95 Gb Total Space | 0,44 Gb Free Space | 22,58% Space Free | Partition Type: NTFS
 
Computer Name: C-NAME | User Name: NAME.VORNAME | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - D:\_Privat\Programme\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\Common Framework\Mctray.exe (McAfee, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe (TOSHIBA CORPORATION.)
PRC - c:\_INTEGRA\BIN\SHSTART.EXE (Symantec Corporation)
PRC - C:\Programme\Funk_Host\PhTray.exe (Funk Software, Inc.)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - D:\_Privat\Programme\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://intranet.F-NAME.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.F-NAME.de"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
 
 
[2009.02.04 15:38:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Mozilla\Extensions
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\NAME.VORNAME\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\K2KFHE56.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\NAME.VORNAME\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\K2KFHE56.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\NAME.VORNAME\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\K2KFHE56.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
File not found (No name found) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
File not found (No name found) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
 
O1 HOSTS File: ([2005.11.28 20:07:06 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan Enterprise\ScriptCl.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat Standard 8\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AeXAgentLogon] C:\Programme\Altiris\Altiris Agent\AeXAgentActivate.exe (Altiris, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CCM User Profile Manager] c:\_integra\upm\bin\CCM_User.exe (Symantec Corp.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Programme\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [ProxyHostTrayIcon] C:\Programme\Funk_Host\phtray.exe (Funk Software, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Programme\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKCU..\Run: [{2F63D51E-C705-2B9F-1EE3-6EE3203932B4}] C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Qioq\nyluu.exe (Dtshhvjf Ecbhbkpo)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{D25122BC-A60E-4663-B602-B01718F12044}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Dokumente und Einstellungen\NAME.VORNAME\Startmenü\Programme\Autostart\Internet Explorer.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\NAME.VORNAME\Startmenü\Programme\Autostart\Kopie von Windows-Explorer.lnk = C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\NAME.VORNAME\Startmenü\Programme\Autostart\Windows-Explorer.lnk = C:\WINDOWS\explorer.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentProgForNewUserInStartMenu = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictWelcomeCenter = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TurnOffSPIAnimations = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableThumbsDBOnNetworkFolders = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInplaceSharing = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuNetworkPlaces = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: QuickLaunchEnabled = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Intellimenus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = Automatische Updates
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = Benutzerkonten
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 3 = Drahtlosnetzwerkinstallation
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 4 = Gamecontroller
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 5 = Grplante Tasks
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 6 = Hardware
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 7 = Java (Sun Microsystems, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 8 = Netzwerkverbindungen
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 9 = Ordneroptionen
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 10 = Scanner und Kameras
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 11 = Sicherheitscenter
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 12 = Software
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 13 = System
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 14 = Telefon- und Modemoptionen
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 15 = Verwaltung
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 16 = Windows-Firewall
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 1 = access.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 2 = bthprops.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 3 = desk.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 4 = intl.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 5 = main.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 7 = powercfg.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl: 8 = telephon.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: Wallpaper = c:\windows\C-NAME.jpg ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoColorChoice = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat Standard 8\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\bin\NPJPI150_16.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: F-NAME.de ([*.user] * in Local intranet)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223969927450 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab (Java Plug-in 1.5.0_16)
O16 - DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab (Java Plug-in 1.5.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab (Java Plug-in 1.5.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.173.194.68 213.168.112.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = user.F-NAME.de
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\_integra\bin\shstart.exe) - c:\_INTEGRA\BIN\SHSTART.EXE (Symantec Corporation)
O20 - HKLM Winlogon: GinaDLL - (c:\_integra\bin\smegina.dll) - c:\_INTEGRA\BIN\SMEGINA.DLL (Symantec Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.10.13 16:24:54 | 000,000,139 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.05.02 01:11:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.04.30 17:25:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Qioq
[2011.04.30 17:25:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Enit
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.05.02 08:07:22 | 000,521,112 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.05.02 08:07:22 | 000,496,580 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.05.02 08:07:22 | 000,103,328 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.05.02 08:07:22 | 000,086,158 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.05.02 08:06:01 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2011.05.02 08:04:27 | 000,001,523 | ---- | M] () -- C:\Dokumente und Einstellungen\NAME.VORNAME\Desktop\Mozilla Firefox.lnk
[2011.05.02 08:01:26 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\AddProdokPrinter.job
[2011.05.02 08:00:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.05.02 08:00:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.05.02 08:00:19 | 2137,440,256 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.27 00:16:15 | 000,001,550 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Arbeitsplatz sperren.lnk
[2011.04.27 00:16:15 | 000,001,391 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Windows-Explorer - Laufwerk O.lnk
[2011.04.27 00:16:15 | 000,001,371 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Windows-Explorer.lnk
[2011.04.24 08:50:36 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.23 03:07:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.04.20 09:23:49 | 000,043,956 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2011.04.09 12:15:39 | 000,044,052 | RHS- | M] () -- C:\Dokumente und Einstellungen\NAME.VORNAME\ntuser.pol
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.04.04 09:24:31 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\AddProdokPrinter.job
[2009.06.04 15:34:30 | 000,075,264 | ---- | C] () -- C:\Dokumente und Einstellungen\NAME.VORNAME\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.20 20:18:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.10.16 09:03:42 | 000,000,253 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008.10.16 09:03:14 | 000,001,312 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2008.10.16 09:02:49 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DLL
[2008.10.16 09:02:49 | 000,000,526 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.DAT
[2008.10.14 09:22:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008.10.13 17:05:24 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008.10.13 16:45:31 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2008.10.13 16:42:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.10.13 16:41:40 | 000,280,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.10.13 16:40:04 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE
[2008.10.13 16:39:18 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008.10.13 16:39:18 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008.10.13 16:39:18 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008.10.13 16:39:18 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008.10.13 16:39:18 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008.10.13 16:39:18 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008.10.13 16:23:00 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.13 15:54:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.10.13 15:50:38 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.06.26 15:37:12 | 000,701,840 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008.06.26 15:37:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4785.dll
[2008.06.26 15:37:02 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006.11.02 18:10:16 | 000,080,912 | ---- | C] () -- C:\WINDOWS\System32\sherlock2.exe
[2006.06.02 08:28:14 | 000,254,464 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT2X.DLL
[2006.04.20 08:34:38 | 000,197,680 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2006.04.20 08:34:24 | 000,193,584 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005.09.26 13:24:56 | 000,058,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\ph32isys.sys
[2005.09.02 14:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 21:30:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.07.20 17:04:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1980.01.01 01:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[1980.01.01 01:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[1980.01.01 01:00:00 | 000,521,112 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[1980.01.01 01:00:00 | 000,496,580 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[1980.01.01 01:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[1980.01.01 01:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[1980.01.01 01:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[1980.01.01 01:00:00 | 000,103,328 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[1980.01.01 01:00:00 | 000,086,158 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[1980.01.01 01:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[1980.01.01 01:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[1980.01.01 01:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[1980.01.01 01:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[1980.01.01 01:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1980.01.01 01:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[1980.01.01 01:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1980.01.01 01:00:00 | 000,000,274 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009.07.14 12:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GroupPolicy
[2011.05.02 01:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.05.02 09:02:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Enit
[2008.11.24 09:36:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\InterVideo
[2008.10.16 09:05:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\On Technology
[2011.04.30 17:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Qioq
[2011.04.11 08:57:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NAME.VORNAME\Anwendungsdaten\Thinstall
[2011.05.02 08:01:26 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\AddProdokPrinter.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2009.04.29 08:15:46 | 000,000,000 | ---D | M](C:\WINDOWS\System32\?G) -- C:\WINDOWS\System32\ҠĜ
[2009.04.29 08:15:46 | 000,000,000 | ---D | C](C:\WINDOWS\System32\?G) -- C:\WINDOWS\System32\ҠĜ

< End of report >



Extras.Txt:

Code


OTL Extras logfile created on: 02.05.2011 11:05:11 - Run 2
OTL by OldTimer - Version 3.2.22.3     Folder = D:\_Privat\Programme
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 58,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): S:\pagefile.sys 1536 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 2,69 Gb Free Space | 13,77% Space Free | Partition Type: NTFS
Drive D: | 127,57 Gb Total Space | 118,14 Gb Free Space | 92,61% Space Free | Partition Type: NTFS
Drive S: | 1,95 Gb Total Space | 0,44 Gb Free Space | 22,58% Space Free | Partition Type: NTFS
 
Computer Name: C-NAME | User Name: NAME.VORNAME | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
"DisableConfig" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 513
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PrivateProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\PublicProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\McAfee\Common Framework\FrameworkService.exe" = C:\Programme\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03EB965C-4141-4ED5-ACAB-8A87CB09797A}" = EAS Client
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{15D5B6F0-E49D-46C3-9275-70F4E4122C5C}" = Zins2006
"{3248F0A8-6813-11D6-A77B-00B0D0150160}" = J2SE Runtime Environment 5.0 Update 16
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35C03C04-3F1F-42C2-A989-A757EE691F65}" = McAfee VirusScan Enterprise
"{36795A4D-7DC7-448A-BBF3-7F587E0331A8}" = Fujitsu WebCam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{54971F17-9D16-4D43-95D6-3A86E3D20EDB}" = Office-Bibliothek 4.1
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{756C2FB8-D20E-4096-A2F9-051B6ADE3491}" = ProdokLink
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786547F9-59BB-4FA3-B2D8-327FF1F14870}" = Adobe Flash Player 9 ActiveX
"{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat  8 Standard - English, Français, Deutsch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D25122BC-A60E-4663-B602-B01718F12044}" = Cisco Systems VPN Client 4.8.01.0300
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EE89F5E3-D21E-413A-87FB-7E31BEDE429A}" = Proxy Host
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Acrobat  8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.2 Standard
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AltirisAgent" = Altiris Agent
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{756C2FB8-D20E-4096-A2F9-051B6ADE3491}" = ProdokLink
"IrfanView" = IrfanView (remove only)
"McAfee Anti-Spyware Enterprise Module" = McAfee AntiSpyware Enterprise Module
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6
"Nero BurnRights!UninstallKey" = Nero BurnRights (Ahead Software)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error: Unable to start EventLog service!
 
< End of report >




Schritt 3 mit Gmer kann ich nicht durchführen:
1). Ich habe als Nutzer eines Firmen-Laptops keine Administrator-Rechte und kann deshalb McAfee nicht abschalten (ich bekomme die VirusScan Konsole gar nicht angezeigt).
2) Wenn ich Gmer trotzdem laufen lasse, bricht das Programm zwischendurch ab.

Ich hoffe trotzdem auf Vorschläge aus dem Forum. Ich nutze den Laptop am Telearbeitsplatz, die Zentrale der Firma ist ca. 100 km weit weg, und ich komme in nächster Zeit nicht dorthin, um einen Kollegen mit Administrator-Rechten aufzusuchen.

Vielen Dank,

schmuseking
Seitenanfang Seitenende
02.05.2011, 15:32
Swisstreasure
Moderator

Beiträge: 5694
#2 In diesem Forum werden ausschließlich Computersysteme von privaten Endbenutzern betreut. Wir können keine Hilfestellung leisten, wenn es sich bei Ihrem System um einen geschäftlich genutzten Computer handelt.
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1