| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Facebook und MSN Messenger funktionieren nichtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.01.2012, 16:26
| #1 |
| |  Facebook und MSN Messenger funktionieren nicht Hallo liebe trojaner.board'ler! Ich hab jetzt schon mindestens 2 stunden mit googlen und threads durchforschen verbracht und immer noch keine hilfe gefunden. Also, zu meinem Problem: Ich versuche mich bei Facebook anzumelden ich komme auch auf die login page, aber wenn ich meine daten eingegeben habe und auf anmelden klicke kommt seiten ladefehler und in der URL Leiste wird versucht eine HTTPS:// URL aufzurufen... somit kam mir die idee, dass es nicht an facebook liegt, sondern an der HTTPS:// verschlüsslung, also habe ich das ganze mit anderen websiten versucht, und ins schwarze getroffen, mein Problem ist jetzt ich weiß nicht wie ich mache das mein Browser die HTTPS verschlüsselten seiten wieder aufruft. Weiß jemand weiter? Mit freundlichen Grüßen Bloodwork 28, Danke im Vorraus (= |
|
30.01.2012, 17:49
| #2 | |||
| /// Helfer-Team    | Facebook und MSN Messenger funktionieren nicht Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
2. Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool CCleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein 3. Lade dir von hier -> TrendMicro™ HijackThis™/Version 2.0.4 herunter Zitat:
Zitat:
kira
__________________ |
|
30.01.2012, 18:09
| #3 |
| | Facebook und MSN Messenger funktionieren nicht OTL.txt:
__________________Code:
ATTFilter OTL logfile created on: 30.01.2012 17:57:46 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kilian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 56,53% Memory free 7,72 Gb Paging File | 5,73 Gb Available in Paging File | 74,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 60,00 Gb Total Space | 24,25 Gb Free Space | 40,42% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 65,73 Gb Free Space | 14,11% Space Free | Partition Type: NTFS Drive E: | 403,75 Gb Total Space | 341,11 Gb Free Space | 84,49% Space Free | Partition Type: NTFS Drive H: | 14,93 Gb Total Space | 14,79 Gb Free Space | 99,08% Space Free | Partition Type: NTFS Computer Name: FTS-PC | User Name: Kilian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Kilian\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - E:\Program Files\VMWare\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) PRC - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (FPLService) -- C:\Program Files\TrueSuite\TrueSuite.Service.exe (AuthenTec, Inc) SRV:64bit: - (VFPRadioSupportService) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe (CSR, plc) SRV:64bit: - (LogonUserService) -- C:\Program Files\SmartCase Logon+\System\logonuser.exe (iC ComPas GmbH & Co KG) SRV:64bit: - (SmartyLogService) -- C:\Program Files\SmartCase Logon+\System\SmartyLog.exe (iC ComPas GmbH & Co KG) SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation) SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- E:\Program Files\VMWare\vmware-authd.exe (VMware, Inc.) SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (AVerScheduleService) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe () SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (AVerRemote) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia) SRV - (Apache2.2) -- C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) SRV - (PowerSavingUtilityService) -- C:\Programme\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED) SRV - (WirelessSelectorService) -- C:\Programme\Fujitsu\WirelessSelector\WSUService.exe () SRV - (SmartCaseServer) -- C:\Programme\SmartCase Logon+\Password Manager\SmartCaseServer.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (avmaudio) -- C:\Windows\SysNative\drivers\avmaudio.sys (AVM Berlin) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (fcrimg4) -- C:\Windows\SysNative\drivers\fcrimg4.sys (iC ComPas GmbH & Co KG ) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (AVerAF15DMBTH64) -- C:\Windows\SysNative\drivers\AVerAF15DMBTH64.sys (AVerMedia TECHNOLOGIES, Inc.) DRV:64bit: - (O2MDGRDR) -- C:\Windows\SysNative\drivers\o2mdgx64.sys (O2Micro ) DRV:64bit: - (O2SDGRDR) -- C:\Windows\SysNative\drivers\o2sdgx64.sys (O2Micro ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Dot4Scan) -- C:\Windows\SysNative\drivers\Dot4Scan.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (FscGabi) -- C:\Windows\SysNative\drivers\FscGabi.sys (Fujitsu Technology Solutions) DRV:64bit: - (FscBapi) -- C:\Windows\SysNative\drivers\FscBapi.sys (Fujitsu Technology Solutions) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.SYS (FUJITSU LIMITED) DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation) DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED) DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.facebook.com/#!/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 2E FA 74 3D CE CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=100581&babsrc=adbartrp&mntrId=265db2dc000000000000b282fe3e62c3&q=" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "31.7.58.198" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "31.7.58.198" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "31.7.58.198" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "31.7.58.198" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.06 15:49:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.17 20:55:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.09.25 21:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Extensions [2012.01.06 21:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions [2011.11.04 22:19:52 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.05 16:22:24 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions\fbdislike@doweb.fr [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.10.10 09:46:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.10.19 17:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.10.21 11:55:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (TrueSuite Website Log On) -- C:\Program Files (x86)\mozilla firefox\extensions\websitelogon_toolbar@truesuite.com [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\webstore@truesuite.com () (No name found) -- C:\USERS\KILIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RPY5WWXV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.10.04 12:49:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.04 12:49:19 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.21 16:27:26 | 000,002,311 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011.10.04 12:49:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.04 12:49:19 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.15 23:53:44 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2011.10.04 12:49:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.04 12:49:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.04 12:49:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.11.23 17:11:08 | 000,001,221 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 www.minecraft.net O2:64bit: - BHO: (SingleSignOn Class) - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Programme\SmartCase Logon+\Password Manager\SmartCaseBho.dll () O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleSignOn Class) - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Program Files (x86)\SmartCase Logon+\Password Manager\SmartCaseBho.dll () O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [ClientAppLogon] C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.) O4:64bit: - HKLM..\Run: [ClientAppLogon32] C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.) O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc) O4:64bit: - HKLM..\Run: [CSRSkype] C:\Programme\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc) O4:64bit: - HKLM..\Run: [FDM7] C:\Programme\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [PSUTility] C:\Programme\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SclStart.exe] C:\Programme\SmartCase Logon+\System\SclStart.exe (Fujitsu Technologies Solutions) O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{560D89A6-334F-4985-B70F-7DC8A387BEE2}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9f542ac7-e7ab-11e0-ab21-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9f542ac7-e7ab-11e0-ab21-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AUTORUN\AUTORUN.EXE O33 - MountPoints2\{efc446b9-eab6-11e0-b579-b482fe368424}\Shell - "" = AutoRun O33 - MountPoints2\{efc446b9-eab6-11e0-b579-b482fe368424}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.30 17:58:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\trojaner board [2012.01.30 17:55:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2012.01.30 17:16:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.01.30 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Opera [2012.01.30 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Opera [2012.01.30 17:15:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012.01.30 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012.01.30 15:11:47 | 000,000,000 | ---D | C] -- C:\rsit [2012.01.30 14:59:19 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{87D52DBD-FE12-4E30-831E-EE661CC293DA} [2012.01.30 14:58:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{0D13E97B-A07B-44FA-9B3A-C84B5ABA654D} [2012.01.29 13:24:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{76E126C0-D87F-40CC-9F07-222BA73B54F6} [2012.01.29 13:24:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{90B54753-4F49-44BE-B350-C7552E5D769E} [2012.01.29 01:23:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{10C4D6CD-4FDB-40B7-9E80-DF8325F62754} [2012.01.29 01:23:39 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{7626B3E3-5F86-4C6A-AAF4-54436BE9ACFF} [2012.01.28 13:23:26 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1ACE1ED6-EEB7-4DCA-B041-E6622205096B} [2012.01.28 13:23:04 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8A460344-9D26-4359-A5A7-B07E040CBD47} [2012.01.28 11:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortForward [2012.01.28 11:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PortForward [2012.01.28 01:22:38 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{674632F9-FB87-4E19-B0B2-6EB2A7B7F87C} [2012.01.28 01:22:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{70E231E5-6A77-4557-BD38-238DD059645D} [2012.01.27 22:33:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Outlook-Dateien [2012.01.27 22:22:25 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS [2012.01.27 22:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012.01.27 20:56:11 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\OneNote-Notizbücher [2012.01.27 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.01.27 20:38:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012.01.27 20:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.01.27 20:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012.01.27 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012.01.27 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Vitalwerks [2012.01.27 19:40:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC [2012.01.27 19:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP [2012.01.27 18:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hornet 2011 [2012.01.27 18:39:47 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012.01.27 13:21:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{EB9D82B8-ABFF-4F8A-A264-F28E4241EF79} [2012.01.27 13:21:22 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8632C940-E4D1-4F02-B8F8-E66C24226C8E} [2012.01.26 19:13:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{461C698C-67B4-477B-AADF-C533D0E1C27C} [2012.01.26 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{E0AE53DF-9143-48A7-B0A4-F59A504B6585} [2012.01.26 16:04:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Virtual Machines [2012.01.26 07:12:43 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B286260A-E721-4808-ACA2-F3C2E6BBB2FE} [2012.01.26 07:08:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{950066A1-0C83-4731-850A-8717CE46E041} [2012.01.25 18:59:41 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C0E6CB77-82B9-4AB3-AF39-DF1EAE0EEEB0} [2012.01.25 18:59:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{01A222AF-15DA-42C1-AFCE-9450801B087D} [2012.01.25 13:03:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{01A816D6-29B2-4EDF-AB12-8ECA37352170} [2012.01.24 13:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{971FD276-3494-4CF7-AE9B-F3DC229266DF} [2012.01.24 13:40:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{ED7F9897-7969-4873-8B73-24E426BA417C} [2012.01.23 15:14:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{67CF3F15-79FD-4969-B91A-31552EE30C54} [2012.01.23 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{41519320-780C-443D-86A2-102F297442D0} [2012.01.22 20:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2012.01.22 09:43:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{337C542C-1D02-44C7-9240-E3BD12DDDCAB} [2012.01.22 09:43:34 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{49D83797-E990-4024-BFF3-BC8ACB16DAD6} [2012.01.21 21:43:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F38F8142-64F8-419C-AC31-0679CF6D4CA5} [2012.01.21 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{08CCCE86-3410-4E37-8164-18A91B5B2027} [2012.01.21 09:41:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A06EFD09-8705-4788-8FEC-370E695FC186} [2012.01.21 09:40:29 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6891A9D3-B43E-4410-BDB9-065F21C98D75} [2012.01.20 13:33:27 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{291485E2-9022-4F5F-B80F-52BF057810FF} [2012.01.20 13:32:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B941682A-3DFB-49C2-8315-1CCE469E7622} [2012.01.19 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{DAE8028F-C63F-4A22-9E51-4609C36A446F} [2012.01.19 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4F9AC33A-F69F-427D-8DCB-71AB5982DC88} [2012.01.18 16:24:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C620377D-F711-4D2B-8451-BD10C26E90A8} [2012.01.18 16:24:39 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A39E1107-C553-4F13-82C6-91E944D5AE63} [2012.01.17 23:29:06 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.17 23:29:05 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.17 23:29:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.17 23:29:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.17 23:29:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.17 23:29:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.17 13:52:02 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{BEFD4EF5-EC66-4CC8-9ECB-8A590BB86DD0} [2012.01.17 13:51:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{ECB037C9-9774-46E9-8F1C-11BD71E2C45E} [2012.01.16 22:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.1 [2012.01.16 22:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012.01.16 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.01.16 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Adobe Mini Bridge CS5 [2012.01.16 15:17:29 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{33C82BD3-341A-460C-AC2A-EC4B8761D245} [2012.01.16 15:17:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{5CBC1661-55C4-4242-AA77-A4A91330E393} [2012.01.15 10:31:41 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{FE4CC1D5-FACB-4B31-A48C-273FB986379E} [2012.01.15 10:26:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D54458D7-C69A-4FDE-9146-3B98FC226D4C} [2012.01.14 12:53:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D551D799-2248-44FA-B3F3-2218693802AD} [2012.01.14 12:53:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{87353BC8-ED1B-4E98-8E17-57281C38ECEA} [2012.01.14 00:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\VS [2012.01.14 00:52:46 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F44D4EBF-31E8-4B06-86F2-11511363631C} [2012.01.14 00:52:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{9A64D055-7207-4474-9E2E-5E8012F18C6D} [2012.01.12 19:11:59 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{7AB643B6-1232-4CDD-BFDD-49BB2D01CB0A} [2012.01.12 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C804C4F8-12EA-4616-A211-8299E05E0714} [2012.01.12 07:10:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A66F87AF-1D8E-47FD-9BB2-F646E7D40DF9} [2012.01.12 07:10:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C33E3D11-564A-4D9E-827C-AE9C72BD40D2} [2012.01.11 16:15:39 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 16:15:39 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 16:15:38 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 16:15:38 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 16:15:34 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 16:15:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 16:15:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.11 16:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite [2012.01.11 16:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wocaffe [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AuthenTec [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AuthenTec [2012.01.11 16:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012.01.11 16:01:27 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8DAE6783-E043-4494-A963-73D937F458DC} [2012.01.11 16:01:04 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{00EE200E-DBB2-4179-9842-EBCF79146C94} [2012.01.10 16:02:29 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.01.10 16:02:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.01.10 16:02:25 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.01.10 16:02:25 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.01.10 16:02:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.01.10 16:02:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.01.10 16:02:21 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012.01.10 16:02:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012.01.10 16:02:15 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.01.10 16:02:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.01.10 13:05:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.01.10 13:05:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.01.10 13:05:40 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.01.10 13:05:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.01.10 13:05:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.01.10 13:05:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.01.10 13:05:37 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.01.10 13:05:37 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.01.10 13:05:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.01.10 13:05:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.01.10 13:05:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.01.10 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4CFDBF10-A663-42D3-903A-838790A71C23} [2012.01.10 13:01:28 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1C80D961-D1F5-4A1F-A231-8B1452A5820C} [2012.01.09 15:49:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012.01.09 15:43:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012.01.09 15:43:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012.01.09 15:14:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{51EE0AC9-1E6A-42FA-92C3-4617A377338D} [2012.01.09 15:14:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{150584A1-0A48-43F8-BF5E-7D8DD2E82878} [2012.01.08 19:55:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A0B4F3AF-5464-4D54-B344-6836A34336C2} [2012.01.08 19:55:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{DD97758C-51CB-4C63-87BF-36B1B70888B4} [2012.01.08 10:14:13 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{BCF5F231-0098-4844-BE50-43C420DB513E} [2012.01.07 22:01:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8F55B8AF-8CFE-49B0-B6BF-C764CB5B8945} [2012.01.07 22:01:02 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4BD793D4-5C28-42C1-ABB8-6C4FD1D30157} [2012.01.07 20:40:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\tsrec [2012.01.07 13:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3 [2012.01.07 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\VST3 Presets [2012.01.07 13:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg [2012.01.07 13:00:19 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne [2012.01.07 13:00:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steinberg [2012.01.07 12:59:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Steinberg [2012.01.07 12:37:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6010CAF9-823B-4420-AF8E-71613BF0F88B} [2012.01.06 20:27:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6D5158FA-4531-4192-A00D-A16361796BFD} [2012.01.06 20:26:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{2994ACD9-7A81-48DF-976C-50943964C48B} [2012.01.05 15:34:08 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{100D6DF9-37BA-40C6-946D-260B93A30048} [2012.01.05 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{E35FF861-53CC-41CB-B32B-846C2F5B2A14} [2012.01.05 12:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test [2012.01.05 12:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test.temp [2012.01.05 12:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012.01.05 00:45:47 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{CBDAEE08-72F4-482C-80C3-ABF27A2774F3} [2012.01.05 00:45:14 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{21CE92AE-570C-413E-97E9-272CC75DBE45} [2012.01.04 12:44:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{EC870E3C-F9CC-4DF2-86BB-61E964171FF3} [2012.01.04 12:44:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{476479EF-D9F0-4D03-A8C7-8DB5C3A0CE69} [2012.01.03 22:07:12 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D3652C45-16E4-4290-A965-DB6F5576ECB5} [2012.01.03 22:06:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1F229D7F-7FD5-4492-8732-CE618300003A} [2012.01.03 21:08:20 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\TeamViewer [2012.01.03 21:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2012.01.03 10:05:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{786A7E3C-A5D0-430B-A86E-002E103A14A1} [2012.01.03 10:05:11 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{0BEB0EDB-70D9-438B-AE73-37E11C1F18BD} [2012.01.02 21:59:42 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse [2012.01.02 21:19:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B7EFF76A-DCF1-4FCC-BEA9-6F45FDD0F810} [2012.01.02 21:18:51 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A8A58793-CAA1-4610-B808-42A06482472C} [2012.01.02 01:58:42 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{408D80D2-D813-4E23-85FB-0C5A76ADE47F} [2012.01.02 01:58:08 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{869FAAEF-8DB7-4DFF-B9B3-0E67899FAC7B} [2012.01.01 13:57:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A3B8DDA6-825A-4CA1-AB6C-7F2455017CD2} [2012.01.01 13:56:34 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F0789F50-674A-4502-B9C0-6B38E96BC626} [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.30 17:58:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.30 17:58:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.30 17:55:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2012.01.30 17:50:39 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.01.30 17:50:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.30 17:50:22 | 3110,764,544 | -HS- | M] () -- C:\hiberfil.sys [2012.01.30 17:44:12 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012.01.30 17:15:58 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012.01.30 15:01:54 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.01.29 20:12:19 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2012.01.28 22:30:09 | 000,151,552 | ---- | M] () -- C:\Windows\KMSEmulator.exe [2012.01.28 12:58:25 | 000,184,895 | ---- | M] () -- C:\Users\Kilian\Documents\EinfProgJava.pdf [2012.01.28 10:30:40 | 000,120,634 | ---- | M] () -- C:\Users\Kilian\Documents\IMG3_0010.JPG [2012.01.27 22:33:43 | 001,837,150 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.27 22:33:43 | 000,770,154 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.27 22:33:43 | 000,723,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.27 22:33:43 | 000,175,574 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.27 22:33:43 | 000,148,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.27 22:14:59 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe [2012.01.27 22:07:09 | 001,804,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.27 22:01:08 | 005,025,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.01.27 18:42:35 | 002,466,121 | ---- | M] () -- C:\Windows\Hornet 2011.scr [2012.01.27 16:46:25 | 000,000,707 | ---- | M] () -- C:\Users\Kilian\Desktop\World of Warcraft.lnk [2012.01.26 20:24:38 | 000,405,820 | ---- | M] () -- C:\Users\Kilian\Documents\WoWScrnShot_012612_202132.jpg [2012.01.16 22:48:57 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk [2012.01.15 22:04:13 | 000,001,288 | ---- | M] () -- C:\Users\Kilian\Desktop\Shutdown.lnk [2012.01.15 14:38:19 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2012.01.11 17:11:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.01.11 16:05:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2012.01.08 20:41:08 | 000,001,453 | ---- | M] () -- C:\Users\Kilian\Desktop\Internet Explorer.lnk [2012.01.08 20:24:56 | 000,407,195 | ---- | M] () -- C:\Users\Kilian\p2_quad_fkt_02.pdf [2012.01.03 21:05:18 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.01.02 21:59:43 | 000,000,312 | ---- | M] () -- C:\Users\Kilian\Desktop\Curse Client.appref-ms [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.01.30 17:15:58 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.01.30 17:15:58 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012.01.29 20:12:19 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2012.01.28 13:00:40 | 000,184,895 | ---- | C] () -- C:\Users\Kilian\Documents\EinfProgJava.pdf [2012.01.28 10:30:21 | 000,120,634 | ---- | C] () -- C:\Users\Kilian\Documents\IMG3_0010.JPG [2012.01.27 22:22:31 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe [2012.01.27 22:22:25 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2012.01.27 20:46:13 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe [2012.01.27 18:42:38 | 002,466,121 | ---- | C] () -- C:\Windows\Hornet 2011.scr [2012.01.26 20:23:08 | 000,405,820 | ---- | C] () -- C:\Users\Kilian\Documents\WoWScrnShot_012612_202132.jpg [2012.01.16 22:48:57 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk [2012.01.11 16:05:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2012.01.08 20:41:08 | 000,001,453 | ---- | C] () -- C:\Users\Kilian\Desktop\Internet Explorer.lnk [2012.01.08 20:24:51 | 000,407,195 | ---- | C] () -- C:\Users\Kilian\p2_quad_fkt_02.pdf [2012.01.03 21:05:18 | 000,001,184 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012.01.03 21:05:18 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.01.02 21:59:43 | 000,000,312 | ---- | C] () -- C:\Users\Kilian\Desktop\Curse Client.appref-ms [2011.12.26 18:29:55 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll [2011.12.26 18:29:55 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys [2011.12.26 18:29:48 | 000,606,208 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll [2011.12.26 18:29:48 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll [2011.12.26 18:29:48 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll [2011.12.26 18:29:48 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll [2011.12.26 18:29:48 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll [2011.12.26 18:29:48 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll [2011.12.26 18:29:48 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll [2011.10.30 11:00:35 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND [2011.10.29 11:14:50 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2011.10.18 17:17:23 | 000,202,766 | ---- | C] () -- C:\Windows\SysWow64\cygncurses-9.dll [2011.10.16 02:24:49 | 001,837,150 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.10.13 21:23:57 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.10.04 15:17:14 | 000,007,612 | ---- | C] () -- C:\Users\Kilian\AppData\Local\resmon.resmoncfg [2011.10.02 17:55:28 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.10.01 13:31:28 | 000,000,000 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Tempstatus.cfg [2011.10.01 07:22:26 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.10.01 07:22:19 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2009.12.30 23:45:58 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\ImageSearchDLL.dll [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.04.10 01:55:00 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lua5.1.dll [2007.03.01 11:38:42 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\SDL_gfx.dll [2006.06.27 06:47:08 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\SDL.dll [2006.06.26 18:39:36 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2006.06.26 18:39:36 | 000,229,376 | ---- | C] () -- C:\Windows\SysWow64\SDL_mixer.dll [2006.06.26 18:39:36 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\smpeg.dll [2006.06.26 18:39:36 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll [2006.06.26 18:39:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2006.06.16 15:15:52 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\physfs.dll [2006.06.16 08:03:32 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\freeglut.dll [2006.06.09 18:51:46 | 000,372,736 | ---- | C] () -- C:\Windows\SysWow64\ode.dll [2006.05.23 01:44:24 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\alut.dll [2006.05.17 18:19:34 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\SDL_ttf.dll [2006.05.17 18:10:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\SDL_net.dll [2006.05.17 09:57:36 | 000,385,090 | ---- | C] () -- C:\Windows\SysWow64\libtiff.dll [2006.05.17 09:57:36 | 000,169,443 | ---- | C] () -- C:\Windows\SysWow64\jpeg.dll [2006.05.17 09:57:36 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\libpng12.dll [2006.05.17 09:57:36 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2006.05.17 09:57:36 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\SDL_image.dll [2005.04.15 04:57:02 | 000,037,376 | ---- | C] () -- C:\Windows\SysWow64\glfw.dll [1998.07.06 00:00:00 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\MSCC2DE.DLL ========== LOP Check ========== [2011.11.28 18:44:21 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.minecraft [2012.01.19 21:25:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite [2011.11.04 22:28:26 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoft [2011.11.04 22:28:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoftIEHelpers [2012.01.19 21:25:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileZilla [2011.10.16 00:37:34 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Foxit Software [2011.12.04 20:57:00 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Hardcore [2011.11.29 21:25:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\HTC [2011.11.29 21:25:17 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011.10.01 07:21:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Leadertech [2011.11.29 22:59:52 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\MyPhoneExplorer [2011.10.15 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++ [2011.10.20 18:23:05 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\OpenOffice.org [2012.01.30 17:16:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Opera [2011.09.26 14:26:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SmartCase [2012.01.16 22:18:24 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.01.07 13:20:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Steinberg [2011.12.07 12:36:03 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Synthesia [2012.01.03 21:08:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeamViewer [2012.01.24 16:35:29 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Teeworlds [2012.01.27 20:59:49 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeraCopy [2011.10.17 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird [2011.09.26 14:27:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TrustedDesk [2011.12.24 00:53:52 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay [2011.12.03 17:32:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\VOS [2012.01.30 17:50:39 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job [2012.01.04 21:51:11 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.01.2012 17:57:46 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kilian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 56,53% Memory free
7,72 Gb Paging File | 5,73 Gb Available in Paging File | 74,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,00 Gb Total Space | 24,25 Gb Free Space | 40,42% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 65,73 Gb Free Space | 14,11% Space Free | Partition Type: NTFS
Drive E: | 403,75 Gb Total Space | 341,11 Gb Free Space | 84,49% Space Free | Partition Type: NTFS
Drive H: | 14,93 Gb Total Space | 14,79 Gb Free Space | 99,08% Space Free | Partition Type: NTFS
Computer Name: FTS-PC | User Name: Kilian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1FE95A4F-4DE6-42F7-BB67-A4E318571D0E}" = AuthenTec TrueSuite
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3D093918-3EA6-43FE-ADD5-32DE22EE9B5E}" = SmartCase Logon+
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}" = Python 3.2.2 (64-bit)
"{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"{519918B9-24E9-4227-B927-9DD4F0FDBD0E}" = Microsoft SQL Server Native Client
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7A61142C-CA19-4F3C-BA66-FF8F131501FA}" = Paint.NET v3.5.9
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{8E16BB50-E49A-3647-BD4D-4D150DCCBFAE}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91BFCC52-3668-43E5-AF4E-7667B3624D01}" = O2Micro Flash Memory Card Windows Driver
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DD58519-340D-467E-9988-1E55472A3FC1}" = ScBios64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{C214301F-F5D7-36D9-B3A2-1467C5586495}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F75FFCEC-4807-319D-A186-5117EDFE8115}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"nbi-tomcat-7.0.14.0.0" = Apache Tomcat 7.0.14
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeraCopy_is1" = TeraCopy 2.2
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{52061908-F94F-3D78-AA50-B956039C845D}" = Microsoft Visual C# 2008 Express Edition - DEU
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D922EF97-6657-3075-BC93-A6CF59444E84}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"5513-1208-7298-9440" = JDownloader 0.9
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVerMedia A850 USB DMB-TH" = AVerMedia A850 USB DMB-TH 1.0.64.28
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAEMON Tools Lite" = DAEMON Tools Lite
"doxygen_is1" = doxygen 1.7.5.1
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader 5.1
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"GeoGebra" = GeoGebra
"HijackThis" = HijackThis 2.0.2
"Hornet 2011" = Hornet 2011
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"InstallShield_{91BFCC52-3668-43E5-AF4E-7667B3624D01}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Microsoft Visual C# 2008 Express Edition - DEU" = Microsoft Visual C# 2008 Express Edition - DEU
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"MPE" = MyPhoneExplorer
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library für Microsoft Visual Studio 2008 Express Editions
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"Opera 11.61.1250" = Opera 11.61
"PortForward_is1" = PortForward version 1.00
"Tao" = Tao 2.0.0
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft Public Test" = World of Warcraft Public Test
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Code:
ATTFilter Adobe Community Help Adobe Systems Incorporated 30.09.2011 3.0.0.400
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 10.01.2012 6,00MB 11.1.102.55
Adobe Flash Player 11 Plugin 64-bit Adobe Systems Incorporated 18.12.2011 6,00MB 11.1.102.55
Apache Tomcat 7.0.14 08.12.2011
Apple Application Support Apple Inc. 01.12.2011 61,1MB 2.1.5
Apple Mobile Device Support Apple Inc. 01.12.2011 24,9MB 4.0.0.97
Apple Software Update Apple Inc. 05.10.2011 2,38MB 2.1.3.127
Audacity 1.3.13 (Unicode) Audacity Team 11.10.2011 40,2MB
AuthenTec TrueSuite AuthenTec, Inc. 10.01.2012 58,0MB 4.0.0.258
AVerMedia A850 USB DMB-TH 1.0.64.28 AVerMedia TECHNOLOGIES, Inc. 25.12.2011 1.0.64.28
AVerTV AVerMedia Technologies, Inc. 25.12.2011 29,9MB 6.0.18
AVM FRITZ!Box USB-Fernanschluss AVM Berlin 04.10.2011 2.2.1.0
Bluetooth Feature Pack 5.0 CSR Plc. 24.09.2011 7,13MB 5.0.13
Bonjour Apple Inc. 01.12.2011 2,04MB 3.0.0.10
CCleaner Piriform 29.01.2012 3.15
Crysis® 2 Electronic Arts 18.10.2011 7.757MB 1.0.0.0
Curse Client Curse 01.01.2012 4.0.1.180
DAEMON Tools Lite DT Soft Ltd 30.09.2011 4.41.3.0173
doxygen 1.7.5.1 Dimitri van Heesch 20.10.2011 22,5MB 1.7.5.1
FileZilla Client 3.5.3 FileZilla Project 14.01.2012 16,6MB 3.5.3
Foxit Reader 5.1 Foxit Corporation 15.01.2012 30,9MB 5.1.4.104
Free YouTube Download version 3.0.16.923 DVDVideoSoft Ltd. 03.11.2011 39,0MB
Free YouTube to MP3 Converter version 3.10.11.923 DVDVideoSoft Ltd. 03.11.2011 42,4MB
Fujitsu Display Manager 24.09.2011
Fujitsu Hotkey Utility FUJITSU LIMITED 24.09.2011 1,51MB 3.60.1.0
Fujitsu MobilityCenter Extension Utility 24.09.2011
Fujitsu System Extension Utility 24.09.2011
GeoGebra International GeoGebra Institute 06.12.2011 16,2MB 4.0.13.0
HijackThis 2.0.2 TrendMicro 29.01.2012 2.0.2
Hornet 2011 26.01.2012
HTC Driver Installer HTC Corporation 28.11.2011 1,91MB 3.0.0.013
HTC Sync HTC Corporation 28.11.2011 44,5MB 3.0.5579
Intel(R) Management Engine Components Intel Corporation 25.09.2011 6.0.0.1179
Intel(R) Turbo Boost Technology Driver Intel Corporation 25.09.2011 01.00.00.1030
iTunes Apple Inc. 01.12.2011 170,5MB 10.5.1.42
Java(TM) 6 Update 29 Oracle 18.10.2011 97,1MB 6.0.290
Java(TM) 7 (64-bit) Oracle 25.09.2011 93,3MB 7.0.0
Java(TM) SE Development Kit 7 (64-bit) Oracle 17.10.2011 233MB 1.7.0.0
JDownloader 0.9 AppWork GmbH 14.10.2011 0.9
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 15.10.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 15.10.2011 2,94MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 15.10.2011 52,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 15.10.2011 10,7MB 4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 15.10.2011 83,5MB 4.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 15.10.2011 1,95MB 1.0.30319
Microsoft Help Viewer 1.1 Microsoft Corporation 13.01.2012 3,97MB 1.1.40219
Microsoft Help Viewer 1.1 Language Pack - DEU Microsoft Corporation 13.01.2012 1,95MB 1.1.40219
Microsoft Office Professional 2010 Microsoft Corporation 26.01.2012 14.0.4763.1000
Microsoft Silverlight Microsoft Corporation 12.10.2011 60,3MB 4.0.60831.0
Microsoft SQL Server 2008 (64-bit) Microsoft Corporation 15.10.2011
Microsoft SQL Server 2008 Browser Microsoft Corporation 15.10.2011 8,00MB 10.1.2531.0
Microsoft SQL Server 2008 Native Client Microsoft Corporation 15.10.2011 7,08MB 10.1.2531.0
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 13.01.2012 14,4MB 10.50.1750.9
Microsoft SQL Server Compact 3.5 Design Tools DEU Microsoft Corporation 06.11.2011 8,53MB 3.5.5386.0
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 15.10.2011 3,69MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 15.10.2011 4,81MB 3.5.8080.0
Microsoft SQL Server Native Client Microsoft Corporation 06.11.2011 5,48MB 9.00.3042.00
Microsoft SQL Server System CLR Types Microsoft Corporation 13.01.2012 0,93MB 10.50.1750.9
Microsoft SQL Server VSS Writer Microsoft Corporation 15.10.2011 3,59MB 10.1.2531.0
Microsoft Virtual PC 2007 Microsoft Corporation 10.12.2011 36,9MB 6.0.156.0
Microsoft Visual Basic PowerPacks 10.0 Microsoft 05.10.2011 1,47MB 10.0.20911
Microsoft Visual C# 2008 Express Edition - DEU Microsoft Corporation 06.11.2011
Microsoft Visual C# 2010 Express - DEU Microsoft Corporation 13.01.2012 10.0.40219
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 10.10.2011 2,38MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 24.09.2011 0,69MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 24.09.2011 0,77MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 18.10.2011 0,23MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 27.09.2011 0,77MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 18.10.2011 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 24.09.2011 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 18.10.2011 0,22MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 27.09.2011 0,59MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 Microsoft Corporation 13.01.2012 20,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 10.01.2012 4,59MB 10.0.30319
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Corporation 13.01.2012 16,1MB 10.0.40219
Microsoft Visual C++ 2010 Express - DEU Microsoft Corporation 13.01.2012 10.0.40219
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Microsoft Corporation 06.11.2011
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 13.01.2012 36,1MB 10.0.40219
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU Microsoft Corporation 13.01.2012 21,7MB 10.0.40219
Microsoft Visual Studio 2010 Service Pack 1 Microsoft Corporation 13.01.2012 76,0MB 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 14.01.2012 10.0.31119
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU Microsoft Corporation 13.01.2012 10.0.31007
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft 06.11.2011 5,62MB 3.5.21022
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Microsoft Corporation 06.11.2011 2,62MB 6.1.5288.17011
Mozilla Firefox 7.0.1 (x86 de) Mozilla 03.10.2011 32,7MB 7.0.1
Mozilla Thunderbird (8.0) Mozilla 19.11.2011 8.0 (de)
MSDN Library für Microsoft Visual Studio 2008 Express Editions Microsoft Corporation 06.11.2011
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 02.10.2011 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 02.10.2011 1,33MB 4.20.9876.0
MSXML 4.0 SP3 Parser Microsoft Corporation 28.11.2011 1,48MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 09.01.2012 1,53MB 4.30.2107.0
MyPhoneExplorer F.J. Wechselberger 20.11.2011 1.8.2
NetBeans IDE 7.0.1 NetBeans.org 17.10.2011 7.0.1
No-IP DUC Vitalwerks Internet Solutions LLC 26.01.2012 3.0.4
Notepad++ 14.10.2011 5.9.4
NVIDIA Drivers NVIDIA Corporation 24.09.2011 1.10
NVIDIA PhysX NVIDIA Corporation 10.10.2011 120,1MB 9.09.0720
O2Micro Flash Memory Card Windows Driver O2Micro International LTD. 24.09.2011 2.0.11
OpenOffice.org 3.3 OpenOffice.org 18.10.2011 415MB 3.3.9567
Opera 11.61 Opera Software ASA 29.01.2012 11.61.1250
Paint.NET v3.5.9 dotPDN LLC 04.10.2011 10,7MB 3.59.0
PantsOff 2.0 Christoph Bünger Software 08.12.2011 2.0
PortForward version 1.00 Michael K. O'Neill 27.01.2012
Power Saving Utility 24.09.2011
Python 3.2.2 (64-bit) Python Software Foundation 19.10.2011 52,4MB 3.2.2150
QuickTime Apple Inc. 05.10.2011 73,0MB 7.70.80.34
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.09.2011 6.0.1.5973
ScBios64 Fujitsu Siemens Computers 24.09.2011 0,46MB 2.0.0
Skype Click to Call Skype Technologies S.A. 09.10.2011 12,7MB 5.6.8312
Skype™ 5.5 Skype Technologies S.A. 09.10.2011 17,0MB 5.5.119
SmartCase Logon+ iC Compas GmbH Co KG 24.09.2011 36,9MB 3.0.2
Synaptics Pointing Device Driver Synaptics Incorporated 24.09.2011 14.0.10.0
Tao 2.0.0 Tao 07.11.2011 2.0.0
TeamSpeak 3 Client TeamSpeak Systems GmbH 24.09.2011
TeamViewer 7 TeamViewer 02.01.2012 7.0.12313
TeraCopy 2.2 Code Sector Inc. 14.10.2011
Unterstützungsdateien für Microsoft SQL Server 2008-Setup Microsoft Corporation 15.10.2011 33,7MB 10.1.2731.0
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 10.11.2011 11,2MB 4.0.8080.0
VLC media player 1.1.11 VideoLAN 24.09.2011 1.1.11
VMware Player VMware, Inc 11.12.2011 391MB 4.0.1.27038
Windows Live Essentials Microsoft Corporation 25.09.2011 15.4.3538.0513
WinRAR 4.01 (64-Bit) win.rar GmbH 30.09.2011 4.01.0
Wireless Selector 24.09.2011
World of Warcraft Public Test Blizzard Entertainment 04.01.2012 0.0.0.0
|
|
30.01.2012, 18:10
| #4 |
| | Facebook und MSN Messenger funktionieren nicht hijackthis.log: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:05:55, on 30.01.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\trend micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Single Sign On Helper Object - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Program Files (x86)\SmartCase Logon+\Password Manager\SmartCaseBho.dll O2 - BHO: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll (file missing) O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: An OneNote s&enden - res://E:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://E:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\TrueSuite\TrueSuite.Service.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: LogonUser Service (LogonUserService) - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\logonuser.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SmartCaseServer - Unknown owner - C:\Program Files\SmartCase Logon+\Password Manager\SmartCaseServer.exe O23 - Service: SmartyLogService - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\SmartyLog.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Unterstützung für Bluetooth-Funktionen (VFPRadioSupportService) - CSR, plc - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMWare\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WirelessSelectorService - Unknown owner - C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10692 bytes |
|
30.01.2012, 18:25
| #5 | |||
| /// Helfer-Team | Facebook und MSN Messenger funktionieren nicht 1. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! ► Rechtsklick auf HijackThis-> "Als administrator ausführen" wählen... 3. Im Firefox: wenn nicht absichtlich eingetragen, kannst entfernen Zitat:
 4. ► beantworte mir bitte folgende Frage: Im Firefox: dir bekannte Eintragung unter Proxy? Zitat:
Hast du es denn in der Hosts selbst eingetragen bzw absichtlich zugefügt? Wenn ja, warum? Code:
ATTFilter O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 www.minecraft.net
6. Zitat:
Code:
ATTFilter :OTL
O4:64bit: - HKLM..\Run: [] File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9f542ac7-e7ab-11e0-ab21-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9f542ac7-e7ab-11e0-ab21-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AUTORUN\AUTORUN.EXE
O33 - MountPoints2\{efc446b9-eab6-11e0-b579-b482fe368424}\Shell - "" = AutoRun
O33 - MountPoints2\{efc446b9-eab6-11e0-b579-b482fe368424}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
:Commands
[purity]
[emptytemp]
7. erneut einen Scan mit OTL:
8. reinige dein System mit CCleaner:
9.
10. Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung 11. -> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! Geändert von kira (30.01.2012 um 18:31 Uhr) |
|
30.01.2012, 19:03
| #6 |
| | Facebook und MSN Messenger funktionieren nicht 2. Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:43:29, on 30.01.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\trend micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Single Sign On Helper Object - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Program Files (x86)\SmartCase Logon+\Password Manager\SmartCaseBho.dll O2 - BHO: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll (file missing) O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O8 - Extra context menu item: An OneNote s&enden - res://E:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://E:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\TrueSuite\TrueSuite.Service.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: LogonUser Service (LogonUserService) - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\logonuser.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SmartCaseServer - Unknown owner - C:\Program Files\SmartCase Logon+\Password Manager\SmartCaseServer.exe O23 - Service: SmartyLogService - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\SmartyLog.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Unterstützung für Bluetooth-Funktionen (VFPRadioSupportService) - CSR, plc - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMWare\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WirelessSelectorService - Unknown owner - C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10333 bytes Wird mir unter den Add-ons von Firefox nicht angezeigt. wie kann ich es ander entfernen? 4. ja, den proxy server habe ich eingetragen. Aber er ist nicht aktiviert. 6. Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:43:29, on 30.01.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\trend micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Single Sign On Helper Object - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Program Files (x86)\SmartCase Logon+\Password Manager\SmartCaseBho.dll O2 - BHO: TrueSuite WebStore - {5cb2b77d-c8ca-44db-af20-a7a4df462a12} - mscoree.dll (file missing) O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\TrueSuite\x86\TrueSuite.IEBHO.dll O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O8 - Extra context menu item: An OneNote s&enden - res://E:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://E:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: TrueSuiteService (FPLService) - AuthenTec, Inc - C:\Program Files\TrueSuite\TrueSuite.Service.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: LogonUser Service (LogonUserService) - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\logonuser.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SmartCaseServer - Unknown owner - C:\Program Files\SmartCase Logon+\Password Manager\SmartCaseServer.exe O23 - Service: SmartyLogService - iC ComPas GmbH & Co KG - C:\Program Files\SmartCase Logon+\System\SmartyLog.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: Unterstützung für Bluetooth-Funktionen (VFPRadioSupportService) - CSR, plc - C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMWare\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WirelessSelectorService - Unknown owner - C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10333 bytes |
|
30.01.2012, 19:20
| #7 |
| | Facebook und MSN Messenger funktionieren nicht 7. OTL.txt: Code:
ATTFilter OTL logfile created on: 30.01.2012 18:57:03 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kilian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 62,12% Memory free 7,72 Gb Paging File | 6,05 Gb Available in Paging File | 78,34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 60,00 Gb Total Space | 26,58 Gb Free Space | 44,31% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 65,74 Gb Free Space | 14,11% Space Free | Partition Type: NTFS Drive E: | 403,75 Gb Total Space | 341,93 Gb Free Space | 84,69% Space Free | Partition Type: NTFS Drive H: | 14,93 Gb Total Space | 14,79 Gb Free Space | 99,08% Space Free | Partition Type: NTFS Computer Name: FTS-PC | User Name: Kilian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2012.01.30 17:55:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe PRC - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011.11.13 23:42:54 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2011.11.13 23:42:52 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2011.11.13 21:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) -- E:\Program Files\VMWare\vmware-authd.exe PRC - [2011.10.04 12:49:23 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2010.07.29 08:57:18 | 000,307,520 | ---- | M] (AuthenTec, Inc.) -- C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe PRC - [2009.11.01 16:04:50 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.11.01 16:04:44 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.10.09 20:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe PRC - [2009.06.16 19:19:32 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe ========== Modules (No Company Name) ========== MOD - [2011.10.04 12:49:22 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.07.29 08:56:48 | 000,288,064 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Program Files\TrueSuite\TrueSuite.Service.exe -- (FPLService) SRV:64bit: - [2009.10.12 18:32:38 | 000,145,792 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService) SRV:64bit: - [2009.07.24 07:08:00 | 000,280,128 | ---- | M] (iC ComPas GmbH & Co KG) [Auto | Running] -- C:\Program Files\SmartCase Logon+\System\logonuser.exe -- (LogonUserService) SRV:64bit: - [2009.03.12 12:04:14 | 000,321,600 | ---- | M] (iC ComPas GmbH & Co KG) [On_Demand | Stopped] -- C:\Program Files\SmartCase Logon+\System\SmartyLog.exe -- (SmartyLogService) SRV:64bit: - [2007.11.08 01:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90) SRV:64bit: - [2007.02.11 16:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH) SRV - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.11.13 23:42:54 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2011.11.13 23:42:52 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2011.11.13 21:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- E:\Program Files\VMWare\vmware-authd.exe -- (VMAuthdService) SRV - [2011.08.29 22:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService) SRV - [2011.08.12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.12.07 07:13:14 | 000,397,312 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) SRV - [2009.11.01 16:04:50 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.11.01 16:04:44 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.10.31 00:48:42 | 000,348,160 | ---- | M] (AVerMedia) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) SRV - [2009.08.05 23:00:00 | 000,024,640 | ---- | M] (Apache Software Foundation) [Disabled | Stopped] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2009.07.30 09:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Programme\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService) SRV - [2009.07.21 17:31:20 | 000,062,312 | ---- | M] () [Auto | Running] -- C:\Programme\Fujitsu\WirelessSelector\WSUService.exe -- (WirelessSelectorService) SRV - [2009.07.01 12:40:00 | 000,324,672 | ---- | M] () [Auto | Running] -- C:\Programme\SmartCase Logon+\Password Manager\SmartCaseServer.exe -- (SmartCaseServer) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.01.10 13:13:37 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm) DRV:64bit: - [2011.11.13 23:43:36 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2011.11.13 23:42:40 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2011.11.13 23:42:12 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2011.11.13 21:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2011.11.13 21:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2011.10.05 11:01:23 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio) DRV:64bit: - [2011.10.03 15:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2011.10.01 07:13:22 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.08.29 22:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.08.09 05:29:18 | 000,905,576 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:64bit: - [2010.06.25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:64bit: - [2009.11.20 14:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.11.13 13:06:26 | 000,045,120 | ---- | M] (iC ComPas GmbH & Co KG ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fcrimg4.sys -- (fcrimg4) DRV:64bit: - [2009.11.02 18:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:64bit: - [2009.11.01 16:06:08 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.01 16:04:44 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.10.16 02:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.10.09 18:16:28 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.10.05 23:33:58 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.07.27 07:45:10 | 000,592,256 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerAF15DMBTH64.sys -- (AVerAF15DMBTH64) DRV:64bit: - [2009.07.20 10:43:00 | 000,072,352 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR) DRV:64bit: - [2009.07.15 16:21:00 | 000,049,696 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:00:13 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dot4Scan.sys -- (Dot4Scan) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.05 20:09:42 | 000,019,968 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FscGabi.sys -- (FscGabi) DRV:64bit: - [2009.05.05 20:08:48 | 000,018,944 | ---- | M] (Fujitsu Technology Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FscBapi.sys -- (FscBapi) DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.08.14 13:32:34 | 000,021,032 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.SYS -- (FBIOSDRV) DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2) DRV:64bit: - [2006.11.01 18:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3) DRV:64bit: - [2006.11.01 18:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.facebook.com/#!/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 2E FA 74 3D CE CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?AF=100581&babsrc=adbartrp&mntrId=265db2dc000000000000b282fe3e62c3&q=" FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: 0 FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: 0 FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: 0 FF - prefs.js..network.proxy.ftp: "31.7.58.198" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "31.7.58.198" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "31.7.58.198" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "31.7.58.198" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.06 15:49:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.10.17 20:55:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.09.25 21:39:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Extensions [2012.01.06 21:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions [2011.11.04 22:19:52 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.11.05 16:22:24 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Kilian\AppData\Roaming\mozilla\Firefox\Profiles\rpy5wwxv.default\extensions\fbdislike@doweb.fr [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.10.10 09:46:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.10.19 17:03:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.10.21 11:55:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (TrueSuite Website Log On) -- C:\Program Files (x86)\mozilla firefox\extensions\websitelogon_toolbar@truesuite.com [2012.01.11 16:06:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\webstore@truesuite.com () (No name found) -- C:\USERS\KILIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RPY5WWXV.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.10.04 12:49:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.04 12:49:19 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.21 16:27:26 | 000,002,311 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011.10.04 12:49:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.04 12:49:19 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.15 23:53:44 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2011.10.04 12:49:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.04 12:49:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.04 12:49:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.11.23 17:11:08 | 000,001,221 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 www.minecraft.net O2:64bit: - BHO: (SingleSignOn Class) - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Programme\SmartCase Logon+\Password Manager\SmartCaseBho.dll () O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleSignOn Class) - {37B109B0-E817-4072-8429-EDC6A987FCE3} - C:\Program Files (x86)\SmartCase Logon+\Password Manager\SmartCaseBho.dll () O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [ClientAppLogon] C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.) O4:64bit: - HKLM..\Run: [ClientAppLogon32] C:\Programme\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.) O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc) O4:64bit: - HKLM..\Run: [CSRSkype] C:\Programme\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc) O4:64bit: - HKLM..\Run: [FDM7] C:\Programme\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [PSUTility] C:\Programme\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SclStart.exe] C:\Programme\SmartCase Logon+\System\SclStart.exe (Fujitsu Technologies Solutions) O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - E:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{560D89A6-334F-4985-B70F-7DC8A387BEE2}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.30 18:47:51 | 000,000,000 | ---D | C] -- C:\_OTL [2012.01.30 18:04:39 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012.01.30 17:58:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\trojaner board [2012.01.30 17:55:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2012.01.30 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Opera [2012.01.30 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Opera [2012.01.30 17:15:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2012.01.30 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro [2012.01.30 15:11:47 | 000,000,000 | ---D | C] -- C:\rsit [2012.01.30 14:59:19 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{87D52DBD-FE12-4E30-831E-EE661CC293DA} [2012.01.30 14:58:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{0D13E97B-A07B-44FA-9B3A-C84B5ABA654D} [2012.01.29 13:24:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{76E126C0-D87F-40CC-9F07-222BA73B54F6} [2012.01.29 13:24:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{90B54753-4F49-44BE-B350-C7552E5D769E} [2012.01.29 01:23:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{10C4D6CD-4FDB-40B7-9E80-DF8325F62754} [2012.01.29 01:23:39 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{7626B3E3-5F86-4C6A-AAF4-54436BE9ACFF} [2012.01.28 13:23:26 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1ACE1ED6-EEB7-4DCA-B041-E6622205096B} [2012.01.28 13:23:04 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8A460344-9D26-4359-A5A7-B07E040CBD47} [2012.01.28 11:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortForward [2012.01.28 11:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PortForward [2012.01.28 01:22:38 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{674632F9-FB87-4E19-B0B2-6EB2A7B7F87C} [2012.01.28 01:22:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{70E231E5-6A77-4557-BD38-238DD059645D} [2012.01.27 22:33:53 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Outlook-Dateien [2012.01.27 22:22:25 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS [2012.01.27 22:01:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012.01.27 20:56:11 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\OneNote-Notizbücher [2012.01.27 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.01.27 20:38:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012.01.27 20:35:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.01.27 20:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012.01.27 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2012.01.27 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Vitalwerks [2012.01.27 19:40:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC [2012.01.27 19:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\No-IP [2012.01.27 18:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hornet 2011 [2012.01.27 18:39:47 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012.01.27 13:21:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{EB9D82B8-ABFF-4F8A-A264-F28E4241EF79} [2012.01.27 13:21:22 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8632C940-E4D1-4F02-B8F8-E66C24226C8E} [2012.01.26 19:13:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{461C698C-67B4-477B-AADF-C533D0E1C27C} [2012.01.26 19:13:45 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{E0AE53DF-9143-48A7-B0A4-F59A504B6585} [2012.01.26 16:04:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Virtual Machines [2012.01.26 07:12:43 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B286260A-E721-4808-ACA2-F3C2E6BBB2FE} [2012.01.26 07:08:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{950066A1-0C83-4731-850A-8717CE46E041} [2012.01.25 18:59:41 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C0E6CB77-82B9-4AB3-AF39-DF1EAE0EEEB0} [2012.01.25 18:59:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{01A222AF-15DA-42C1-AFCE-9450801B087D} [2012.01.25 13:03:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{01A816D6-29B2-4EDF-AB12-8ECA37352170} [2012.01.24 13:40:12 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{971FD276-3494-4CF7-AE9B-F3DC229266DF} [2012.01.24 13:40:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{ED7F9897-7969-4873-8B73-24E426BA417C} [2012.01.23 15:14:58 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{67CF3F15-79FD-4969-B91A-31552EE30C54} [2012.01.23 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{41519320-780C-443D-86A2-102F297442D0} [2012.01.22 20:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2012.01.22 09:43:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{337C542C-1D02-44C7-9240-E3BD12DDDCAB} [2012.01.22 09:43:34 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{49D83797-E990-4024-BFF3-BC8ACB16DAD6} [2012.01.21 21:43:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F38F8142-64F8-419C-AC31-0679CF6D4CA5} [2012.01.21 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{08CCCE86-3410-4E37-8164-18A91B5B2027} [2012.01.21 09:41:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A06EFD09-8705-4788-8FEC-370E695FC186} [2012.01.21 09:40:29 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6891A9D3-B43E-4410-BDB9-065F21C98D75} [2012.01.20 13:33:27 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{291485E2-9022-4F5F-B80F-52BF057810FF} [2012.01.20 13:32:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B941682A-3DFB-49C2-8315-1CCE469E7622} [2012.01.19 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{DAE8028F-C63F-4A22-9E51-4609C36A446F} [2012.01.19 15:55:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4F9AC33A-F69F-427D-8DCB-71AB5982DC88} [2012.01.18 16:24:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C620377D-F711-4D2B-8451-BD10C26E90A8} [2012.01.18 16:24:39 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A39E1107-C553-4F13-82C6-91E944D5AE63} [2012.01.17 23:29:06 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.17 23:29:05 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.17 23:29:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.17 23:29:05 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.17 23:29:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.17 23:29:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.17 13:52:02 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{BEFD4EF5-EC66-4CC8-9ECB-8A590BB86DD0} [2012.01.17 13:51:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{ECB037C9-9774-46E9-8F1C-11BD71E2C45E} [2012.01.16 22:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.1 [2012.01.16 22:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012.01.16 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.01.16 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Adobe Mini Bridge CS5 [2012.01.16 15:17:29 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{33C82BD3-341A-460C-AC2A-EC4B8761D245} [2012.01.16 15:17:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{5CBC1661-55C4-4242-AA77-A4A91330E393} [2012.01.15 10:31:41 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{FE4CC1D5-FACB-4B31-A48C-273FB986379E} [2012.01.15 10:26:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D54458D7-C69A-4FDE-9146-3B98FC226D4C} [2012.01.14 12:53:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D551D799-2248-44FA-B3F3-2218693802AD} [2012.01.14 12:53:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{87353BC8-ED1B-4E98-8E17-57281C38ECEA} [2012.01.14 00:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\VS [2012.01.14 00:52:46 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F44D4EBF-31E8-4B06-86F2-11511363631C} [2012.01.14 00:52:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{9A64D055-7207-4474-9E2E-5E8012F18C6D} [2012.01.12 19:11:59 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{7AB643B6-1232-4CDD-BFDD-49BB2D01CB0A} [2012.01.12 19:11:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C804C4F8-12EA-4616-A211-8299E05E0714} [2012.01.12 07:10:54 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A66F87AF-1D8E-47FD-9BB2-F646E7D40DF9} [2012.01.12 07:10:31 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{C33E3D11-564A-4D9E-827C-AE9C72BD40D2} [2012.01.11 16:15:39 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.01.11 16:15:39 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.01.11 16:15:38 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.01.11 16:15:38 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.01.11 16:15:34 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.01.11 16:15:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.01.11 16:15:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.01.11 16:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite [2012.01.11 16:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wocaffe [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AuthenTec [2012.01.11 16:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AuthenTec [2012.01.11 16:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012.01.11 16:01:27 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8DAE6783-E043-4494-A963-73D937F458DC} [2012.01.11 16:01:04 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{00EE200E-DBB2-4179-9842-EBCF79146C94} [2012.01.10 16:02:29 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.01.10 16:02:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.01.10 16:02:25 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.01.10 16:02:25 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.01.10 16:02:23 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.01.10 16:02:23 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.01.10 16:02:21 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012.01.10 16:02:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012.01.10 16:02:15 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.01.10 16:02:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.01.10 13:05:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.01.10 13:05:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.01.10 13:05:40 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.01.10 13:05:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.01.10 13:05:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.01.10 13:05:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.01.10 13:05:37 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.01.10 13:05:37 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.01.10 13:05:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.01.10 13:05:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.01.10 13:05:35 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.01.10 13:02:37 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4CFDBF10-A663-42D3-903A-838790A71C23} [2012.01.10 13:01:28 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1C80D961-D1F5-4A1F-A231-8B1452A5820C} [2012.01.09 15:49:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012.01.09 15:43:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012.01.09 15:43:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012.01.09 15:14:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{51EE0AC9-1E6A-42FA-92C3-4617A377338D} [2012.01.09 15:14:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{150584A1-0A48-43F8-BF5E-7D8DD2E82878} [2012.01.08 19:55:50 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A0B4F3AF-5464-4D54-B344-6836A34336C2} [2012.01.08 19:55:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{DD97758C-51CB-4C63-87BF-36B1B70888B4} [2012.01.08 10:14:13 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{BCF5F231-0098-4844-BE50-43C420DB513E} [2012.01.07 22:01:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{8F55B8AF-8CFE-49B0-B6BF-C764CB5B8945} [2012.01.07 22:01:02 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{4BD793D4-5C28-42C1-ABB8-6C4FD1D30157} [2012.01.07 20:40:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\tsrec [2012.01.07 13:13:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3 [2012.01.07 13:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\VST3 Presets [2012.01.07 13:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg [2012.01.07 13:00:19 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg HALionOne [2012.01.07 13:00:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steinberg [2012.01.07 12:59:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Steinberg [2012.01.07 12:37:01 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6010CAF9-823B-4420-AF8E-71613BF0F88B} [2012.01.06 20:27:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{6D5158FA-4531-4192-A00D-A16361796BFD} [2012.01.06 20:26:35 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{2994ACD9-7A81-48DF-976C-50943964C48B} [2012.01.05 15:34:08 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{100D6DF9-37BA-40C6-946D-260B93A30048} [2012.01.05 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{E35FF861-53CC-41CB-B32B-846C2F5B2A14} [2012.01.05 12:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test [2012.01.05 12:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test.temp [2012.01.05 12:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012.01.05 00:45:47 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{CBDAEE08-72F4-482C-80C3-ABF27A2774F3} [2012.01.05 00:45:14 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{21CE92AE-570C-413E-97E9-272CC75DBE45} [2012.01.04 12:44:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{EC870E3C-F9CC-4DF2-86BB-61E964171FF3} [2012.01.04 12:44:21 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{476479EF-D9F0-4D03-A8C7-8DB5C3A0CE69} [2012.01.03 22:07:12 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{D3652C45-16E4-4290-A965-DB6F5576ECB5} [2012.01.03 22:06:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{1F229D7F-7FD5-4492-8732-CE618300003A} [2012.01.03 21:08:20 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\TeamViewer [2012.01.03 21:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2012.01.03 10:05:44 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{786A7E3C-A5D0-430B-A86E-002E103A14A1} [2012.01.03 10:05:11 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{0BEB0EDB-70D9-438B-AE73-37E11C1F18BD} [2012.01.02 21:59:42 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse [2012.01.02 21:19:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{B7EFF76A-DCF1-4FCC-BEA9-6F45FDD0F810} [2012.01.02 21:18:51 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A8A58793-CAA1-4610-B808-42A06482472C} [2012.01.02 01:58:42 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{408D80D2-D813-4E23-85FB-0C5A76ADE47F} [2012.01.02 01:58:08 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{869FAAEF-8DB7-4DFF-B9B3-0E67899FAC7B} [2012.01.01 13:57:36 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{A3B8DDA6-825A-4CA1-AB6C-7F2455017CD2} [2012.01.01 13:56:34 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\{F0789F50-674A-4502-B9C0-6B38E96BC626} ========== Files - Modified Within 30 Days ========== [2012.01.30 18:58:33 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.30 18:58:33 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.30 18:55:35 | 001,812,792 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.01.30 18:55:35 | 000,770,154 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.01.30 18:55:35 | 000,723,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.01.30 18:55:35 | 000,175,574 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.01.30 18:55:35 | 000,148,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.01.30 18:51:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.01.30 18:51:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.01.30 18:51:02 | 3110,764,544 | -HS- | M] () -- C:\hiberfil.sys [2012.01.30 18:04:39 | 000,002,981 | ---- | M] () -- C:\Users\Kilian\Desktop\HiJackThis.lnk [2012.01.30 17:55:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe [2012.01.30 17:44:12 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012.01.30 17:15:58 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2012.01.30 15:01:54 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.01.29 20:12:19 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2012.01.28 22:30:09 | 000,151,552 | ---- | M] () -- C:\Windows\KMSEmulator.exe [2012.01.28 12:58:25 | 000,184,895 | ---- | M] () -- C:\Users\Kilian\Documents\EinfProgJava.pdf [2012.01.28 10:30:40 | 000,120,634 | ---- | M] () -- C:\Users\Kilian\Documents\IMG3_0010.JPG [2012.01.27 22:33:43 | 001,837,150 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.27 22:14:59 | 000,446,258 | ---- | M] () -- C:\Windows\AutoKMS.exe [2012.01.27 22:01:08 | 005,025,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.01.27 18:42:35 | 002,466,121 | ---- | M] () -- C:\Windows\Hornet 2011.scr [2012.01.27 16:46:25 | 000,000,707 | ---- | M] () -- C:\Users\Kilian\Desktop\World of Warcraft.lnk [2012.01.26 20:24:38 | 000,405,820 | ---- | M] () -- C:\Users\Kilian\Documents\WoWScrnShot_012612_202132.jpg [2012.01.16 22:48:57 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk [2012.01.15 22:04:13 | 000,001,288 | ---- | M] () -- C:\Users\Kilian\Desktop\Shutdown.lnk [2012.01.15 14:38:19 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2012.01.11 17:11:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.01.11 16:05:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2012.01.08 20:41:08 | 000,001,453 | ---- | M] () -- C:\Users\Kilian\Desktop\Internet Explorer.lnk [2012.01.08 20:24:56 | 000,407,195 | ---- | M] () -- C:\Users\Kilian\p2_quad_fkt_02.pdf [2012.01.03 21:05:18 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.01.02 21:59:43 | 000,000,312 | ---- | M] () -- C:\Users\Kilian\Desktop\Curse Client.appref-ms ========== Files Created - No Company Name ========== [2012.01.30 18:04:39 | 000,002,981 | ---- | C] () -- C:\Users\Kilian\Desktop\HiJackThis.lnk [2012.01.30 17:15:58 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2012.01.30 17:15:58 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2012.01.29 20:12:19 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2012.01.28 13:00:40 | 000,184,895 | ---- | C] () -- C:\Users\Kilian\Documents\EinfProgJava.pdf [2012.01.28 10:30:21 | 000,120,634 | ---- | C] () -- C:\Users\Kilian\Documents\IMG3_0010.JPG [2012.01.27 22:22:31 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe [2012.01.27 22:22:25 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2012.01.27 20:46:13 | 000,446,258 | ---- | C] () -- C:\Windows\AutoKMS.exe [2012.01.27 18:42:38 | 002,466,121 | ---- | C] () -- C:\Windows\Hornet 2011.scr [2012.01.26 20:23:08 | 000,405,820 | ---- | C] () -- C:\Users\Kilian\Documents\WoWScrnShot_012612_202132.jpg [2012.01.16 22:48:57 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader 5.1.lnk [2012.01.11 16:05:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf [2012.01.08 20:41:08 | 000,001,453 | ---- | C] () -- C:\Users\Kilian\Desktop\Internet Explorer.lnk [2012.01.08 20:24:51 | 000,407,195 | ---- | C] () -- C:\Users\Kilian\p2_quad_fkt_02.pdf [2012.01.03 21:05:18 | 000,001,184 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012.01.03 21:05:18 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012.01.02 21:59:43 | 000,000,312 | ---- | C] () -- C:\Users\Kilian\Desktop\Curse Client.appref-ms [2011.12.26 18:29:55 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll [2011.12.26 18:29:55 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys [2011.12.26 18:29:48 | 000,606,208 | ---- | C] () -- C:\Windows\SysWow64\sptlib21.dll [2011.12.26 18:29:48 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll [2011.12.26 18:29:48 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\sptlib11.dll [2011.12.26 18:29:48 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\sptlib22.dll [2011.12.26 18:29:48 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll [2011.12.26 18:29:48 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll [2011.12.26 18:29:48 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\sptlib12.dll [2011.10.30 11:00:35 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND [2011.10.29 11:14:50 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2011.10.18 17:17:23 | 000,202,766 | ---- | C] () -- C:\Windows\SysWow64\cygncurses-9.dll [2011.10.16 02:24:49 | 001,837,150 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.10.13 21:23:57 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011.10.04 15:17:14 | 000,007,612 | ---- | C] () -- C:\Users\Kilian\AppData\Local\resmon.resmoncfg [2011.10.02 17:55:28 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2011.10.01 13:31:28 | 000,000,000 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Tempstatus.cfg [2011.10.01 07:22:26 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.10.01 07:22:19 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2009.12.30 23:45:58 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\ImageSearchDLL.dll [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.04.10 01:55:00 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lua5.1.dll [2007.03.01 11:38:42 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\SDL_gfx.dll [2006.06.27 06:47:08 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\SDL.dll [2006.06.26 18:39:36 | 001,101,824 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2006.06.26 18:39:36 | 000,229,376 | ---- | C] () -- C:\Windows\SysWow64\SDL_mixer.dll [2006.06.26 18:39:36 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\smpeg.dll [2006.06.26 18:39:36 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\vorbisfile.dll [2006.06.26 18:39:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2006.06.16 15:15:52 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\physfs.dll [2006.06.16 08:03:32 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\freeglut.dll [2006.06.09 18:51:46 | 000,372,736 | ---- | C] () -- C:\Windows\SysWow64\ode.dll [2006.05.23 01:44:24 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\alut.dll [2006.05.17 18:19:34 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\SDL_ttf.dll [2006.05.17 18:10:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\SDL_net.dll [2006.05.17 09:57:36 | 000,385,090 | ---- | C] () -- C:\Windows\SysWow64\libtiff.dll [2006.05.17 09:57:36 | 000,169,443 | ---- | C] () -- C:\Windows\SysWow64\jpeg.dll [2006.05.17 09:57:36 | 000,126,976 | ---- | C] () -- C:\Windows\SysWow64\libpng12.dll [2006.05.17 09:57:36 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2006.05.17 09:57:36 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\SDL_image.dll [2005.04.15 04:57:02 | 000,037,376 | ---- | C] () -- C:\Windows\SysWow64\glfw.dll [1998.07.06 00:00:00 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\MSCC2DE.DLL ========== LOP Check ========== [2011.11.28 18:44:21 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\.minecraft [2012.01.19 21:25:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite [2011.11.04 22:28:26 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoft [2011.11.04 22:28:22 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DVDVideoSoftIEHelpers [2012.01.19 21:25:28 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FileZilla [2011.10.16 00:37:34 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Foxit Software [2011.12.04 20:57:00 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Hardcore [2011.11.29 21:25:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\HTC [2011.11.29 21:25:17 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2011.10.01 07:21:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Leadertech [2011.11.29 22:59:52 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\MyPhoneExplorer [2011.10.15 20:39:58 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++ [2011.10.20 18:23:05 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\OpenOffice.org [2012.01.30 17:16:07 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Opera [2011.09.26 14:26:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SmartCase [2012.01.16 22:18:24 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.01.07 13:20:53 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Steinberg [2011.12.07 12:36:03 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Synthesia [2012.01.03 21:08:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeamViewer [2012.01.24 16:35:29 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Teeworlds [2012.01.27 20:59:49 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TeraCopy [2011.10.17 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird [2011.09.26 14:27:41 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\TrustedDesk [2011.12.24 00:53:52 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ts3overlay [2011.12.03 17:32:04 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\VOS [2012.01.30 18:51:14 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job [2012.01.04 21:51:11 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.01.2012 18:57:03 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Kilian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,86 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 62,12% Memory free
7,72 Gb Paging File | 6,05 Gb Available in Paging File | 78,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,00 Gb Total Space | 26,58 Gb Free Space | 44,31% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 65,74 Gb Free Space | 14,11% Space Free | Partition Type: NTFS
Drive E: | 403,75 Gb Total Space | 341,93 Gb Free Space | 84,69% Space Free | Partition Type: NTFS
Drive H: | 14,93 Gb Total Space | 14,79 Gb Free Space | 99,08% Space Free | Partition Type: NTFS
Computer Name: FTS-PC | User Name: Kilian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- E:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1FE95A4F-4DE6-42F7-BB67-A4E318571D0E}" = AuthenTec TrueSuite
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3D093918-3EA6-43FE-ADD5-32DE22EE9B5E}" = SmartCase Logon+
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}" = Python 3.2.2 (64-bit)
"{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"{519918B9-24E9-4227-B927-9DD4F0FDBD0E}" = Microsoft SQL Server Native Client
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java(TM) SE Development Kit 7 (64-bit)
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7A61142C-CA19-4F3C-BA66-FF8F131501FA}" = Paint.NET v3.5.9
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{8E16BB50-E49A-3647-BD4D-4D150DCCBFAE}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{91BFCC52-3668-43E5-AF4E-7667B3624D01}" = O2Micro Flash Memory Card Windows Driver
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DD58519-340D-467E-9988-1E55472A3FC1}" = ScBios64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{C214301F-F5D7-36D9-B3A2-1467C5586495}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F75FFCEC-4807-319D-A186-5117EDFE8115}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"nbi-tomcat-7.0.14.0.0" = Apache Tomcat 7.0.14
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeraCopy_is1" = TeraCopy 2.2
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content
"{52061908-F94F-3D78-AA50-B956039C845D}" = Microsoft Visual C# 2008 Express Edition - DEU
"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set
"{D922EF97-6657-3075-BC93-A6CF59444E84}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"5513-1208-7298-9440" = JDownloader 0.9
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVerMedia A850 USB DMB-TH" = AVerMedia A850 USB DMB-TH 1.0.64.28
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAEMON Tools Lite" = DAEMON Tools Lite
"doxygen_is1" = doxygen 1.7.5.1
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader 5.1
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"GeoGebra" = GeoGebra
"HijackThis" = HijackThis 2.0.2
"Hornet 2011" = Hornet 2011
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"InstallShield_{91BFCC52-3668-43E5-AF4E-7667B3624D01}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Microsoft Visual C# 2008 Express Edition - DEU" = Microsoft Visual C# 2008 Express Edition - DEU
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"MPE" = MyPhoneExplorer
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library für Microsoft Visual Studio 2008 Express Editions
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Professional 2010
"Opera 11.61.1250" = Opera 11.61
"PortForward_is1" = PortForward version 1.00
"Tao" = Tao 2.0.0
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 1.1.11
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft Public Test" = World of Warcraft Public Test
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
30.01.2012, 19:33
| #8 |
| | Facebook und MSN Messenger funktionieren nicht 9.+11. keine Funde Ich kann immer noch keine SSL Verschlüsselten Website's aufrufen. |
|
31.01.2012, 15:52
| #9 | |
| /// Helfer-Team | Facebook und MSN Messenger funktionieren nicht 1. Zitat:
Code:
ATTFilter :OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/#!/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=100581&babsrc=adbartrp&mntrId=265db2dc000000000000b282fe3e62c3&q="
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "31.7.58.198"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "31.7.58.198"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "31.7.58.198"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "31.7.58.198"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
[2011.11.21 16:27:26 | 000,002,311 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.10.04 12:49:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.15 23:53:44 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.10.04 12:49:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
:Commands
[purity]
[emptytemp]
2. erneut einen Scan mit OTL:
► Hast du die Probleme immer noch?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
| Themen zu Facebook und MSN Messenger funktionieren nicht |
| andere, anderen, anmelden, aufruf, browser, daten, facebook, funktionieren, google, googlen, https, klicke, login, messenger, msn, msn messenger, problem, schwarze, seite, seiten, seitenladefehler, stunden, threads, troja, verschlüsslung, versuche, versucht, website, windows live messenger |
.
Linear-Darstellung
