|
Log-Analyse und Auswertung: Aus Sicherheitsgründen wurde ihr Windowssystem blockiert...Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
08.12.2011, 17:20 | #1 |
| Aus Sicherheitsgründen wurde ihr Windowssystem blockiert... Hab mir jetzt auch den Mist eingefangen... wie soll ich vorgehen? hab jetzt diese OTL und EXTRAS datei... was tun damit? |
08.12.2011, 17:24 | #2 |
| Aus Sicherheitsgründen wurde ihr Windowssystem blockiert... OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 08.12.2011 17:01:24 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\alexa & rom\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 79,05% Memory free 3,96 Gb Paging File | 3,73 Gb Available in Paging File | 94,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,21 Gb Total Space | 94,21 Gb Free Space | 66,24% Space Free | Partition Type: NTFS Computer Name: PC | User Name: alexa & rom | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.08 16:54:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\alexa & rom\Desktop\OTL.exe PRC - [2010.08.01 11:02:55 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService) SRV - [2011.07.10 07:01:54 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2011.07.10 07:01:53 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.05.01 20:43:52 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.03.31 08:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2007.09.30 21:52:39 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007.03.26 19:43:02 | 000,864,816 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv) SRV - [2007.02.06 02:13:14 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2006.12.29 00:17:50 | 000,123,248 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) ========== Driver Services (SafeList) ========== DRV - [2011.07.10 07:01:54 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.07.10 07:01:54 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009.03.20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009.03.20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV - [2009.03.20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV - [2007.03.26 19:43:00 | 000,039,472 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm) DRV - [2007.03.26 19:42:56 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass) DRV - [2007.03.26 19:42:44 | 000,108,592 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2007.03.01 02:04:58 | 000,694,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007.02.02 08:09:39 | 002,385,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006.12.14 16:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006.12.13 19:00:07 | 000,025,600 | ---- | M] (Attansic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L260x86.sys -- (Atc002) DRV - [2006.11.22 10:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006.11.16 03:02:19 | 000,015,216 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2006.11.02 10:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2006.10.14 04:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer Inc. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.22 21:54:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.22 21:54:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.03 09:44:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.19 20:09:13 | 000,000,000 | ---D | M] [2010.07.29 12:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Extensions [2011.07.10 07:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Firefox\Profiles\snjm6irl.default\extensions [2010.11.23 22:51:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Firefox\Profiles\snjm6irl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.13 22:24:09 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Firefox\Profiles\snjm6irl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.09.25 13:37:00 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Firefox\Profiles\snjm6irl.default\extensions\firefox@tvunetworks.com [2011.11.30 11:56:42 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\alexa & rom\AppData\Roaming\mozilla\Firefox\Profiles\snjm6irl.default\extensions\toolbar@ask.com [2011.12.06 08:11:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2011.12.06 08:11:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.12.03 09:44:00 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011.10.25 18:05:30 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.25 18:05:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.10.25 18:05:30 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.10.25 18:05:30 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.25 18:05:30 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.25 18:05:30 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe () O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [{CD74A6EF-6F91-11DC-95BD-806E6F6E6963}] C:\Users\alexa & rom\AppData\Roaming\Microsoft\hostrun.exe (Auslogics) O4 - HKCU..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05BC0F06-48F0-432E-A7FF-09057B72976E}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\alexa & rom\Pictures\Malle 2010\DSCF2215.JPG O24 - Desktop BackupWallPaper: C:\Users\alexa & rom\Pictures\Malle 2010\DSCF2215.JPG O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.12.08 16:57:22 | 000,000,000 | ---D | C] -- C:\_OTL [2011.12.08 16:55:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\alexa & rom\Desktop\OTL.exe [2011.12.06 08:11:50 | 000,000,000 | ---D | C] -- C:\Users\alexa & rom\AppData\Roaming\Skype [2011.12.06 08:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.12.06 08:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011.12.06 08:10:26 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2011.12.06 08:10:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.12.06 08:07:15 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\amcap.exe [2011.12.06 08:07:12 | 010,526,464 | ---- | C] (Sonix Co. Ltd.) -- C:\Windows\System32\drivers\snpstd3.sys [2011.12.06 08:07:10 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll [2011.12.06 08:07:10 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll [2011.12.06 08:07:09 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll [2011.12.06 08:07:09 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll [2011.12.06 08:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust [2011.12.06 08:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\snpstd3 [2011.12.06 08:06:20 | 000,000,000 | ---D | C] -- C:\Users\alexa & rom\AppData\Roaming\InstallShield [2011.11.15 17:49:12 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.11.13 21:29:25 | 000,000,000 | ---D | C] -- C:\Users\alexa & rom\AppData\Roaming\gtk-2.0 ========== Files - Modified Within 30 Days ========== [2011.12.08 17:00:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.12.08 16:56:07 | 000,640,358 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.12.08 16:56:07 | 000,609,532 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.12.08 16:56:07 | 000,116,122 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.12.08 16:56:07 | 000,103,314 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.12.08 16:54:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\alexa & rom\Desktop\OTL.exe [2011.12.08 16:41:56 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2011.12.08 16:41:54 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.08 16:41:54 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.08 10:04:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.12.06 08:10:48 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.12.04 15:24:14 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011.11.22 19:13:10 | 016,132,525 | ---- | M] () -- C:\Users\alexa & rom\Desktop\MatheStudiumsanfang.rar [2011.11.15 17:49:12 | 161,456,137 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.11.13 21:31:01 | 000,001,492 | ---- | M] () -- C:\Users\alexa & rom\.recently-used.xbel [2011.11.10 13:00:30 | 000,027,539 | ---- | M] () -- C:\Users\alexa & rom\Desktop\alex bewerbung.jpg ========== Files Created - No Company Name ========== [2011.12.06 08:10:48 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.12.06 08:07:14 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2011.12.06 08:07:14 | 000,339,968 | ---- | C] () -- C:\Windows\tsnpstd3.exe [2011.12.06 08:07:13 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini [2011.12.06 08:07:13 | 000,013,023 | ---- | C] () -- C:\Windows\snpstd3.src [2011.11.22 19:12:46 | 016,132,525 | ---- | C] () -- C:\Users\alexa & rom\Desktop\MatheStudiumsanfang.rar [2011.11.15 17:48:49 | 161,456,137 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.11.13 21:31:01 | 000,001,492 | ---- | C] () -- C:\Users\alexa & rom\.recently-used.xbel [2011.11.10 13:00:30 | 000,027,539 | ---- | C] () -- C:\Users\alexa & rom\Desktop\alex bewerbung.jpg [2011.11.08 06:31:21 | 000,000,063 | ---- | C] () -- C:\Windows\WINHELP.INI [2011.11.08 06:30:05 | 000,006,753 | ---- | C] () -- C:\Windows\Mmp700.ini [2011.11.08 06:30:05 | 000,001,458 | ---- | C] () -- C:\Windows\Mmp700Prof.ini [2011.11.08 06:29:35 | 000,009,833 | ---- | C] () -- C:\Windows\mmp250a.ini [2011.11.08 06:29:35 | 000,005,376 | ---- | C] () -- C:\Windows\System32\vtssmgr.dll [2011.05.23 22:42:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011.04.04 18:21:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.04.04 18:21:30 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010.07.29 18:14:34 | 000,000,680 | ---- | C] () -- C:\Users\alexa & rom\AppData\Local\d3d9caps.dat [2010.07.29 18:08:38 | 000,025,088 | ---- | C] () -- C:\Users\alexa & rom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.29 18:05:46 | 000,000,546 | ---- | C] () -- C:\Windows\System32\ABF5R.DAT [2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007.09.30 22:42:48 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2007.09.30 22:26:47 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe [2007.09.30 22:26:36 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe [2007.09.30 22:26:34 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll [2007.04.18 10:14:04 | 000,640,358 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2007.04.18 10:14:04 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2007.04.18 10:14:04 | 000,116,122 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2007.04.18 10:14:04 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.04.18 10:06:01 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini [2007.04.18 09:33:08 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.02.02 07:38:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2007.01.30 04:21:33 | 000,128,813 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,398,056 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,609,532 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,103,314 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006.03.10 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll ========== LOP Check ========== [2010.08.13 22:24:07 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\DVDVideoSoftIEHelpers [2011.11.13 21:31:01 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\gtk-2.0 [2011.10.25 18:05:18 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\ICQ [2010.08.24 10:33:48 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\OpenOffice.org [2011.04.04 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\PC Suite [2011.04.04 18:21:11 | 000,000,000 | ---D | M] -- C:\Users\alexa & rom\AppData\Roaming\Samsung [2011.12.08 10:04:04 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
08.12.2011, 17:24 | #3 |
| Aus Sicherheitsgründen wurde ihr Windowssystem blockiert... OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 08.12.2011 17:01:24 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\alexa & rom\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 79,05% Memory free 3,96 Gb Paging File | 3,73 Gb Available in Paging File | 94,17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,21 Gb Total Space | 94,21 Gb Free Space | 66,24% Space Free | Partition Type: NTFS Computer Name: PC | User Name: alexa & rom | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{764A451D-CF3A-4B2D-9231-4D59624C5ABF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{10847FA6-68E1-4A19-AB37-29450F3CA761}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{19EC083E-83C2-4083-AED2-A2F2B055F38F}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{1F8D6CA0-4131-40C2-A70A-65DFC855C3EE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{26FFC7FD-9B97-48DF-8632-592B4F4E7FB5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{29DA30ED-3E78-4F3E-9D4D-42B8AA9C17C8}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{30D76A94-5747-43A7-BA7A-2486DD417525}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{3187CA55-9551-4896-91B4-7ACE4A83645F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{464A55A7-A1EB-4367-BEAD-4F12EB9FC98B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{46DA1F5A-D187-464B-90BD-58FABED0540B}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{578CD5C9-DA2D-4D9A-9092-4FF076C1A4F6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{5E4E526C-DA7B-4548-B2A0-25238D5DCB87}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7D7C1AA9-DD14-4992-9012-5712385C847F}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{833E0711-AC17-4E7D-BE22-273E7DB9F554}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{87795D5C-8239-46A7-AC86-4E17C6CC7D43}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{B281D5E5-9F15-4127-9EFA-84F6EDFF5193}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{C21EA1E2-9136-4370-8BEE-39232C47654D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{CE61A259-1FEF-442B-B9FA-32E98EEC9A72}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{D94E3FAF-5EEF-422F-AA56-0553738E98F6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{DB5BA01C-BC52-4A80-A423-08245CBA7955}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{EB511178-98F5-4C35-9770-C3F18C3A38E0}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{F8765DF7-A414-4EB2-AEFB-832141644F88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "TCP Query User{011962DD-D25B-4808-A68B-9610D1F9617E}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{452E6D58-A51E-4537-BA8A-C05F220305F7}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{50093652-74D3-4676-9E45-96D847DA4041}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{E50D1E48-1CEA-4592-AF83-140DC5EA4FDD}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{1A5CEB34-4DB9-42D3-B1CB-2FBBB8C206FB}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{6ACEEA5D-BCBD-4F16-B6D9-8051D8384EF9}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{BE2CCF63-3FE4-4C17-B9DF-CD0608C73074}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "UDP Query User{D4E98433-80EA-4B36-8DBE-0661FDA1DBCA}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{05D67915-50EC-56C9-7148-552F8D205383}" = CCC Help German "{08C69626-1E29-7EE2-E122-D475D7BAAF0B}" = Catalyst Control Center Localization Hungarian "{09E9F3B1-2965-3D8B-F624-2F44D99B53B0}" = Catalyst Control Center Graphics Light "{0E4E7AB0-6FFB-4C76-FD74-810DE985D518}" = Catalyst Control Center Localization Greek "{10D3701B-1463-0C2F-748E-3E03FADEB711}" = Catalyst Control Center Localization Norwegian "{117FBA8C-9325-4BCD-B19A-0BF21EA9A374}" = Catalyst Control Center Localization Spanish "{122321B4-A450-0052-CAD8-B419C0EAD392}" = CCC Help Spanish "{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media "{1606E90F-5327-EE07-9137-C518BF3DFFCE}" = Catalyst Control Center Localization Swedish "{196BC239-53AB-615F-9B0D-FD2D61D31A58}" = Catalyst Control Center Localization Czech "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Giga Ethernet Utility "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2D06A54D-6FA7-62F1-E824-E0109C069D8E}" = CCC Help Russian "{2EBC713F-3022-A21B-6266-376ED7C43C07}" = CCC Help French "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey "{3969961F-4B9A-DEB9-BC69-F0348E527DEA}" = Catalyst Control Center Localization Chinese Standard "{39EAC702-D866-AA54-97C6-13E8AAAC2219}" = CCC Help Hungarian "{3CE73C5D-D8F0-D6D0-E5AB-39A798BF4571}" = Skins "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{46663439-F39E-BF21-673C-19A035F9C708}" = Catalyst Control Center Localization Thai "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C4A9592-2854-E201-F7A9-2AE77AB35E37}" = CCC Help Portuguese "{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun "{5A74F5DD-CD86-FE24-C8D3-9850F43FD42D}" = CCC Help Czech "{5BD877FE-9E11-D996-DEDB-ABAF4A251C39}" = CCC Help Chinese Standard "{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2 "{5C39AF9B-9567-4CFC-BABE-EAA6A0629178}" = GX IEC Developer 7.00 "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{6153EBDC-A52B-6B24-4A3C-5CC8F85BE0DF}" = Catalyst Control Center Graphics Full New "{6173A4FC-D42D-69A6-52CA-A30496389760}" = ccc-core-static "{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{661EA4BC-FF51-FE25-7E59-D8BA41170189}" = Catalyst Control Center Localization Chinese Traditional "{67645155-2149-7ED9-003E-92BFB7EA262A}" = Catalyst Control Center Localization Portuguese "{68AB9F5B-85BA-1A49-F5B9-103C172A90F6}" = Catalyst Control Center Localization Korean "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{740323AF-4EFD-EB99-8632-6B5AA9D53411}" = Catalyst Control Center Localization Dutch "{7D5F5F2C-B978-2AD9-B54D-BC9006C35333}" = CCC Help Japanese "{7D6E6E66-8B3D-42C2-DE13-E3F0C6A178D9}" = CCC Help Korean "{7DFBD5A5-F88B-ED78-E5FD-FB994138BB25}" = ccc-utility "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2 "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{893EFD7C-B705-892C-E6E0-49BFB6C621BC}" = Catalyst Control Center Localization Russian "{8B8FC6A3-3467-5786-657E-6893DDA7F52D}" = CCC Help Swedish "{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007 "{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007 "{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007 "{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{97F32DF8-D66E-446A-A425-C1D7B45C1033}" = Nero 7 Essentials "{9A70075D-6071-4704-EAF6-6DEB51CB777B}" = Catalyst Control Center Localization Finnish "{9D513AEB-187D-C020-317A-5804F781CC95}" = CCC Help Chinese Traditional "{9D88CAFF-7CB3-916A-0A1F-5E0DB4ECD073}" = Catalyst Control Center Localization Danish "{9EE7095B-F74E-4DC9-FAF7-75C940A1C3E9}" = Catalyst Control Center Localization French "{A315B77A-24C5-95D9-9325-61C98FBB7C53}" = Catalyst Control Center Localization German "{A480B428-5A5E-8D8F-6D8E-2CCBFF6029FA}" = CCC Help Norwegian "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A7AF2BC7-FCFB-03CB-DA36-5E9D44A53091}" = CCC Help Turkish "{A8FD0C55-0D21-89F3-57E9-1E22235765B3}" = CCC Help Finnish "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6 "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{B5DCE5D7-6FDD-D5C2-C6B7-14E264E695C9}" = Catalyst Control Center Core Implementation "{B5FE6702-0B5F-6866-7FD2-A7B28BCAB15B}" = Catalyst Control Center Localization Japanese "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B89BD504-63FF-03DC-5B8B-CEBCEBF2B08D}" = CCC Help English "{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology "{C263E891-CA9F-7CE4-B31D-6A100D5D2F3C}" = CCC Help Polish "{C4693D41-87C5-A2E0-00AB-5E0A0A205E9E}" = CCC Help Italian "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DCC7315A-F551-0778-AFC1-C19D853E0AFA}" = Catalyst Control Center Localization Turkish "{DCE907E3-4D72-4CD3-A08A-BEFC8C7A5869}" = Branding "{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash "{DF6D07CB-BA1B-60D3-8D51-69A5775AC7D9}" = CCC Help Thai "{E26DD81D-91CF-7348-65E2-5AC16E14612B}" = Catalyst Control Center Localization Polish "{E33E9943-2679-C829-5E9E-4D981A1C264C}" = CCC Help Danish "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{E7F0262E-84B8-9EBE-D6FD-E3865FCDB0EB}" = Catalyst Control Center Localization Italian "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Trust Webcam "{ED8C5498-6C39-92E6-B17F-414BF1722E42}" = Catalyst Control Center Graphics Previews Vista "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F173C327-FAA5-D463-2CBD-A4818C7EDC8C}" = Catalyst Control Center Graphics Full Existing "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F49109F4-EA87-B982-8A66-CCD32C6FC8AF}" = CCC Help Greek "{F5AB638D-91F6-6517-9872-BE6996E06AF6}" = CCC Help Dutch "{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = PowerForPhone "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver "ATI Uninstaller" = ATI Uninstaller "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "DivX Setup.divx.com" = DivX-Setup "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de) "PokerStars" = PokerStars "PROHYBRIDR" = 2007 Microsoft Office system "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "SMSERIAL" = Motorola SM56 Speakerphone Modem "SWnD5-LLT" = GX Simulator "SynTPDeinstKey" = Synaptics Pointing Device Driver "TVUPlayer" = TVUPlayer 2.5.3.1 "Uninstall_is1" = Uninstall 1.0.0.1 "Veetle TV" = Veetle TV 0.9.18 "VLC media player" = VLC media player 1.1.2 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = WinRAR ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > |
Themen zu Aus Sicherheitsgründen wurde ihr Windowssystem blockiert... |
aus sicherheitsgründen, extras, sicherheitsgründe, sicherheitsgründen, vorgehen, was tun, windowssystem, wurde ihr |