| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Programm kann Webseite nicht anzeigen...TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.02.2012, 11:36
| #31 |
 |  Programm kann Webseite nicht anzeigen...Trojaner OTL Logfile: Code:
ATTFilter OTL logfile created on: 16.02.2012 11:15:52 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Familie Caliebe\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,93 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,99% Memory free 6,07 Gb Paging File | 4,38 Gb Available in Paging File | 72,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 92,21 Gb Total Space | 15,44 Gb Free Space | 16,74% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ========== Modules (No Company Name) ========== MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2009.12.21 20:09:26 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll ========== Win32 Services (SafeList) ========== SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService) SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService) SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt) DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC) DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap) DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R) DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID) DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10) DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10) DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO) DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M] [2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions [2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF} O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe () O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION) O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH)) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.16 10:48:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012.02.16 10:48:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.02.16 10:48:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.02.16 10:48:09 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012.02.16 10:48:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012.02.16 10:48:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.02.16 10:48:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012.02.16 10:48:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.02.16 10:48:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012.02.16 10:48:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012.02.16 10:48:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012.02.16 10:48:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012.02.16 10:48:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.02.16 10:48:08 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.02.16 10:48:08 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.02.16 10:48:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.02.16 10:48:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012.02.16 10:48:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012.02.16 10:48:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.02.16 10:48:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.02.16 10:48:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.02.16 10:48:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.02.16 10:48:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.02.16 10:48:07 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.02.16 10:48:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012.02.16 10:48:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012.02.16 10:48:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.02.16 10:48:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012.02.16 10:48:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012.02.16 10:48:06 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.02.16 10:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012.02.16 10:48:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012.02.16 10:48:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.02.16 10:48:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012.02.16 10:48:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.02.16 10:48:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012.02.16 10:48:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.02.16 10:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.02.15 17:04:18 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.02.11 12:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.02.11 12:05:27 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe [2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe [2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes [2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL [2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator [2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24 [2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes ========== Files - Modified Within 30 Days ========== [2012.02.16 11:08:51 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.02.16 11:07:58 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.02.16 11:07:17 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.16 11:07:16 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.16 11:07:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.16 11:06:32 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys [2012.02.16 11:05:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.02.16 10:48:23 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2012.02.16 10:48:23 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2012.02.16 10:48:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012.02.16 10:48:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.02.16 10:48:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.02.16 10:48:09 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012.02.16 10:48:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012.02.16 10:48:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.02.16 10:48:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012.02.16 10:48:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.02.16 10:48:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012.02.16 10:48:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012.02.16 10:48:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012.02.16 10:48:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012.02.16 10:48:08 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.02.16 10:48:08 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.02.16 10:48:08 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.02.16 10:48:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.02.16 10:48:08 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012.02.16 10:48:08 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012.02.16 10:48:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.02.16 10:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.02.16 10:48:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2012.02.16 10:48:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.02.16 10:48:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.02.16 10:48:07 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.02.16 10:48:07 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.02.16 10:48:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012.02.16 10:48:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012.02.16 10:48:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.02.16 10:48:07 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012.02.16 10:48:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012.02.16 10:48:06 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.02.16 10:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012.02.16 10:48:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012.02.16 10:48:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.02.16 10:48:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012.02.16 10:48:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.02.16 10:48:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012.02.16 10:48:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.02.16 10:45:39 | 000,359,908 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg [2012.02.16 08:17:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.02.16 08:17:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.02.16 08:17:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.02.16 08:17:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.02.16 03:28:13 | 000,417,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.02.15 23:42:36 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe [2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe [2012.02.11 12:13:16 | 000,302,592 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe [2012.02.11 12:05:37 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe [2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat [2012.02.01 10:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk [2012.02.01 10:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe ========== Files Created - No Company Name ========== [2012.02.16 10:48:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2012.02.16 10:45:24 | 000,359,908 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg [2012.02.15 17:05:20 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe [2012.02.15 17:03:18 | 000,089,088 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe [2012.02.11 12:13:12 | 000,302,592 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe [2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys [2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini [2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll [2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll [2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll [2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll [2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll [2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll [2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL [2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png [2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll [2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat [2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.07.19 14:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat [2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.09 10:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.09 10:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll [2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll [2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll [2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll ========== LOP Check ========== [2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon [2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer [2012.02.16 11:15:51 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox [2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter [2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0 [2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe [2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView [2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes [2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks [2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware [2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer [2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia [2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape [2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org [2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite [2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet [2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg [2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion [2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer [2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template [2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer [2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom [2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs [2012.02.16 11:05:16 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.02.15 23:42:36 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job ========== Purity Check ========== < End of report > [/code] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 16.02.2012 11:15:52 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,93 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,99% Memory free
6,07 Gb Paging File | 4,38 Gb Available in Paging File | 72,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 15,44 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system |
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system |
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system |
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system |
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 08:14:03 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 08:14:07 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 08:14:07 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 08.02.2011 16:03:58 | Computer Name = FamCaliebe-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18999 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1d74 Anfangszeit: 01cbc78b727522d0 Zeitpunkt
der Beendigung: 20
Error - 09.02.2011 15:07:48 | Computer Name = FamCaliebe-PC | Source = WinMgmt | ID = 10
Description =
Error - 09.02.2011 15:08:04 | Computer Name = FamCaliebe-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.02.2011 15:09:17 | Computer Name = FamCaliebe-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NokiaOviSuite.exe, Version 2.2.0.245, Zeitstempel
0x4c2da5db, fehlerhaftes Modul QtCore4.dll, Version 4.6.1.0, Zeitstempel 0x4b701363,
Ausnahmecode 0xc0000005, Fehleroffset 0x0001a698, Prozess-ID 0x1014, Anwendungsstartzeit
01cbc88ca52afdd7.
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
seconds with 900 seconds of active time. This session ended with a crash.
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10522 seconds with 120 seconds of active time. This session ended with a
crash.
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
seconds with 6660 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 11.02.2012 07:18:20 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie chkdsk auf Volume "SYSTEM" aus.
Error - 15.02.2012 22:25:07 | Computer Name = FamCaliebe-PC | Source = DCOM | ID = 10010
Description =
Error - 15.02.2012 22:33:57 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 16.02.2012 04:46:36 | Computer Name = FamCaliebe-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.35 für die Netzwerkkarte mit der Netzwerkadresse
00140B6445F7 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 16.02.2012 05:59:16 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 16.02.2012 05:59:17 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 16.02.2012 06:00:29 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 16.02.2012 06:04:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 16.02.2012 06:04:25 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 16.02.2012 06:11:30 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
[/code] |
|
16.02.2012, 13:37
| #32 |
| | Programm kann Webseite nicht anzeigen...TrojanerCode:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 02/16/2012 at 01:17 PM
Application Version : 5.0.1144
Core Rules Database Version : 8249
Trace Rules Database Version: 6061
Scan type : Complete Scan
Total Scan Time : 01:25:24
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)
Memory items scanned : 919
Memory threats detected : 0
Registry items scanned : 38657
Registry threats detected : 0
File items scanned : 156019
File threats detected : 15
Adware.Tracking Cookie
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\DBYW7PQ4.txt [ /2o7.net ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\IHK9LH8W.txt [ /atdmt.com ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\F37FOZQ0.txt [ /adfarm1.adition.com ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\2QU31VTP.txt [ /apmebf.com ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\B13QUEAR.txt [ /ad.yieldmanager.com ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\ZSMPFFZS.txt [ /fl01.ct2.comclick.com ]
C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\M3HSF171.txt [ /ads.creative-serving.com ]
C:\USERS\FAMILIE CALIEBE\AppData\Roaming\Microsoft\Windows\Cookies\familie_caliebe@www.google[2].txt [ Cookie:familie caliebe@www.google.com/accounts ]
C:\USERS\FAMILIE CALIEBE\AppData\Roaming\Microsoft\Windows\Cookies\0QAAFLC4.txt [ Cookie:familie caliebe@google.com/accounts/ ]
C:\USERS\FAMILIE CALIEBE\Cookies\DBYW7PQ4.txt [ Cookie:familie caliebe@2o7.net/ ]
C:\USERS\FAMILIE CALIEBE\Cookies\familie_caliebe@www.google[2].txt [ Cookie:familie caliebe@www.google.com/accounts ]
C:\USERS\FAMILIE CALIEBE\Cookies\F37FOZQ0.txt [ Cookie:familie caliebe@adfarm1.adition.com/ ]
C:\USERS\FAMILIE CALIEBE\Cookies\2QU31VTP.txt [ Cookie:familie caliebe@apmebf.com/ ]
C:\USERS\FAMILIE CALIEBE\Cookies\B13QUEAR.txt [ Cookie:familie caliebe@ad.yieldmanager.com/ ]
C:\USERS\FAMILIE CALIEBE\Cookies\0QAAFLC4.txt [ Cookie:familie caliebe@google.com/accounts/ ]
|
|
16.02.2012, 18:02
| #33 |
| | Programm kann Webseite nicht anzeigen...Trojaner Also dieser online scan hat auch was gefunden ....
__________________hier der log Code:
ATTFilter C:\Program Files\VistaCodecPack\Tools\renderer32.exe Win32/Packed.Autoit.E.Gen application deleted - quarantined
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi Win32/Packed.Autoit.E.Gen application deleted - quarantined
|
|
17.02.2012, 21:19
| #34 |
| /// Helfer-Team    | Programm kann Webseite nicht anzeigen...Trojaner ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
19.02.2012, 23:01
| #35 |
| | Programm kann Webseite nicht anzeigen...Trojaner Hey, ich bin dabei sämtliche Programme durchzutesten. Internet geht einwandfrei. Hochfahren des Rechners geht auch ohne Probleme. Bis jetzt: Mein Excel ist zerschossen. Ich habe aber nicht alle Programme durch. Ansonsten sind die Gründe für das Dilemma im Griff. Jetzt stellt sich nur die Frage wie kann ich meinen Rechner schützen vor künftigen Angriffen? LG piranya |
|
20.02.2012, 15:06
| #36 | ||
| /// Helfer-Team | Programm kann Webseite nicht anzeigen...TrojanerZitat:
Privatsphäre, und mehr Sicherheit: Man darf nicht denken oder glauben, das ein Antivirus und eine Firewall installiert sind und gut ist! Zitat:
zur Nachkontrolle: erneut einen Scan mit OTL:
__________________ --> Programm kann Webseite nicht anzeigen...Trojaner |
|
23.02.2012, 16:06
| #37 |
| | Programm kann Webseite nicht anzeigen...Trojaner Hi Kira, nachdem ich versucht hab mein excel zu deinstallieren endete alles in einer Neuinstallation des ganzen Office Pakets und ich bin mir nicht so sicher, ob das so gut war. Ich werde meine Daten auf eine Partition ziehen, von dort ein backup machen und meinen Rechner Platt machen, sicher ist sicher. Hier nochmal die OTL files: OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.02.2012 15:51:20 - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Familie Caliebe\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,93 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,46% Memory free 6,07 Gb Paging File | 3,53 Gb Available in Paging File | 58,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 92,21 Gb Total Space | 19,11 Gb Free Space | 20,72% Space Free | Partition Type: NTFS Drive D: | 465,76 Gb Total Space | 439,20 Gb Free Space | 94,30% Space Free | Partition Type: NTFS Drive E: | 364,76 Gb Total Space | 326,85 Gb Free Space | 89,61% Space Free | Partition Type: NTFS Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.15 00:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE PRC - [2011.07.27 04:06:16 | 013,002,608 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe ========== Modules (No Company Name) ========== MOD - [2012.02.17 10:47:15 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll MOD - [2012.02.17 10:47:12 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll MOD - [2012.02.16 11:49:45 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL MOD - [2012.02.16 11:49:45 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll MOD - [2011.10.05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2009.08.17 22:54:46 | 000,136,520 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\OUTLCTL.DLL MOD - [2008.10.26 04:42:14 | 000,065,376 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\ADDINS\COLLEA~1.DLL MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe MOD - [2006.10.27 14:35:18 | 000,436,512 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\ADDINS\UMOUTL~1.DLL MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll ========== Win32 Services (SafeList) ========== SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService) SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService) SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV - [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt) DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC) DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap) DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s) DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R) DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID) DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10) DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10) DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO) DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M] [2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions [2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com [2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF} O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe () O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION) O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH)) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB303501-7B79-4119-B373-F5AF1B598B00}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.21 15:21:35 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.02.21 14:55:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.02.16 14:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.02.16 11:49:29 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\SUPERAntiSpyware.com [2012.02.16 11:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012.02.16 11:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012.02.16 11:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012.02.16 10:48:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012.02.16 10:48:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.02.16 10:48:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.02.16 10:48:09 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012.02.16 10:48:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012.02.16 10:48:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.02.16 10:48:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012.02.16 10:48:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.02.16 10:48:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012.02.16 10:48:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012.02.16 10:48:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012.02.16 10:48:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012.02.16 10:48:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.02.16 10:48:08 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.02.16 10:48:08 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.02.16 10:48:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.02.16 10:48:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012.02.16 10:48:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012.02.16 10:48:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.02.16 10:48:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.02.16 10:48:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.02.16 10:48:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.02.16 10:48:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.02.16 10:48:07 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.02.16 10:48:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012.02.16 10:48:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012.02.16 10:48:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.02.16 10:48:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012.02.16 10:48:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012.02.16 10:48:06 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.02.16 10:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012.02.16 10:48:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012.02.16 10:48:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.02.16 10:48:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012.02.16 10:48:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.02.16 10:48:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012.02.16 10:48:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.02.16 10:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.02.15 17:04:18 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.02.11 12:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.02.11 12:05:27 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe [2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe [2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes [2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL [2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator [2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24 [2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes ========== Files - Modified Within 30 Days ========== [2012.02.23 15:46:01 | 000,050,688 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.23 15:16:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.23 15:16:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.23 10:31:15 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk [2012.02.23 10:31:15 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.02.22 11:10:06 | 000,000,680 | RHS- | M] () -- C:\Users\Familie Caliebe\ntuser.pol [2012.02.20 13:16:56 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012.02.20 13:16:55 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012.02.20 13:16:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.17 11:02:29 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.02.17 11:02:29 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.02.17 11:02:29 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.02.17 11:02:29 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.02.17 10:45:19 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys [2012.02.17 00:47:14 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.02.17 00:22:36 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012.02.16 14:30:13 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2012.02.16 10:48:23 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2012.02.16 10:48:23 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2012.02.16 10:48:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012.02.16 10:48:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.02.16 10:48:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.02.16 10:48:09 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012.02.16 10:48:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012.02.16 10:48:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.02.16 10:48:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012.02.16 10:48:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.02.16 10:48:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012.02.16 10:48:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012.02.16 10:48:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012.02.16 10:48:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012.02.16 10:48:08 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.02.16 10:48:08 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.02.16 10:48:08 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.02.16 10:48:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.02.16 10:48:08 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012.02.16 10:48:08 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012.02.16 10:48:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.02.16 10:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.02.16 10:48:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2012.02.16 10:48:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.02.16 10:48:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.02.16 10:48:07 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.02.16 10:48:07 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.02.16 10:48:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012.02.16 10:48:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012.02.16 10:48:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.02.16 10:48:07 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012.02.16 10:48:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012.02.16 10:48:06 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.02.16 10:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012.02.16 10:48:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012.02.16 10:48:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.02.16 10:48:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012.02.16 10:48:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.02.16 10:48:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012.02.16 10:48:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.02.16 10:45:39 | 000,359,908 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg [2012.02.16 03:28:13 | 000,417,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe [2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe [2012.02.11 12:13:16 | 000,302,592 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe [2012.02.11 12:05:37 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe [2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat [2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe ========== Files Created - No Company Name ========== [2012.02.22 11:04:51 | 000,000,680 | RHS- | C] () -- C:\Users\Familie Caliebe\ntuser.pol [2012.02.17 00:22:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012.02.16 14:30:01 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012.02.16 13:31:36 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012.02.16 10:48:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2012.02.16 10:45:24 | 000,359,908 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg [2012.02.15 17:05:20 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe [2012.02.15 17:03:18 | 000,089,088 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe [2012.02.11 12:13:12 | 000,302,592 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe [2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys [2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini [2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll [2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll [2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll [2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll [2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll [2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll [2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL [2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png [2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll [2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat [2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009.07.19 14:56:48 | 000,050,688 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat [2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin [2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.04.09 10:14:36 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.04.09 10:14:36 | 000,127,464 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 11:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 11:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll [2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll [2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll [2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll ========== LOP Check ========== [2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon [2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer [2012.02.23 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox [2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter [2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0 [2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe [2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView [2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes [2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks [2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware [2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer [2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia [2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape [2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org [2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite [2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet [2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg [2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion [2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer [2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template [2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer [2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom [2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs [2012.02.17 00:47:16 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > [/code] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.02.2012 15:51:20 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,93 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,46% Memory free
6,07 Gb Paging File | 3,53 Gb Available in Paging File | 58,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 19,11 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 439,20 Gb Free Space | 94,30% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 326,85 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system |
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system |
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system |
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system |
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
seconds with 900 seconds of active time. This session ended with a crash.
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10522 seconds with 120 seconds of active time. This session ended with a
crash.
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
seconds with 6660 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 21.02.2012 22:12:25 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.02.2012 22:12:55 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.02.2012 22:12:55 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.02.2012 22:13:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.02.2012 22:13:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.02.2012 22:13:51 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.02.2012 22:13:51 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.02.2012 22:14:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21.02.2012 22:14:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.02.2012 19:41:05 | Computer Name = FamCaliebe-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.35 für die Netzwerkkarte mit der Netzwerkadresse
00140B6445F7 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
< End of report >
[/code] |
|
23.02.2012, 16:34
| #38 |
| /// Helfer-Team | Programm kann Webseite nicht anzeigen...Trojaner ➊ Datensicherung: ► NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können. - Vorsicht mit den schon vorhandenen Dateien auf die extern gespeicherten Daten und auch jetzt mit dem Virus infizierte Dateien eine Datensicherung anzufertigen - Am besten alles was dir sehr wichtig, separat (extern) sichern - nicht mischen eventuell früher geschicherten Daten, also vor dem Befall! - Eventuell gecrackte Software nicht sichern und dann auf neu aufgesetztem System wieder drauf installieren! - Vor zurückspielen - bevor du mit deinem PC direkt ins Netz gehst...: - die Autoplay-Funktion für alle Laufwerke deaktivieren/ausschalten -> Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten Die auf eine externe Festplatte gesicherten Daten, gründlich zu scannen von einem suaberen System aus, am besten mit mehreren Scannern-> Kostenlose Online Scanner - Anleitung ➋ -> Anleitung: Neuaufsetzen des Systems + Absicherung -> Anleitung zum Neuaufsetzen - Windows XP, Vista und Win7 ➌ Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern z.B. Login-, Mail- oder Website-Passwörter Tipps: Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern) auch noch hier unter: Sicheres Kennwort (Password) Tipps & Hilfe: -> Anleitung: Neuaufsetzen des Systems + Absicherung -> Neuaufsetzen (Windows XP, Vista und Windows 7) - Anleitungen
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
| Themen zu Programm kann Webseite nicht anzeigen...Trojaner |
| abgesicherte, abgesicherten, andere, anzeige, arbeit, brenner, computer, fehlermeldung, fenster, funktionier, funktioniert, großes, leute, modus, neustart, problem, programm, recovery, reparieren, schonmal, starte, version., vista, vorgehen, webseite |
Linear-Darstellung
