| |
| |||||||
Log-Analyse und Auswertung: GMX-Account versendet Spam-Mails von meiner AdresseWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.07.2012, 09:50
| #1 |
| |  GMX-Account versendet Spam-Mails von meiner Adresse Hallo, ich bekam heute ein Mail von mehreren Bekannten(aus meinem gmx Adressbuch...), die mir sagten, dass ich ihnen einen Link geschickt hätte, der ihnen verdächtig vorkam und, den sie deshalb noch nicht geöffnet haben. Ich vermute, dass es mein gmx-Account ist, der die Mail ohne mein Wissen verschickt hat. Ich habe von einem anderen Computer aus gerade mein Passwort des Accounts geändert. (hatte ich hier in einem anderen Thread gelesen). Danke schon mal für's durchschauen, ich hoffe ich habe die ganzen logs richtig durchgeführt! Malwarebytes hat beim Quickscan nichts gefunden. Hier der Bericht: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.23.03 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 7.0.6001.18000 Maike :: MAIKE-PC [Administrator] Schutz: Aktiviert 23.07.2012 09:17:38 mbam-log-2012-07-23 (09-17-38).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 176978 Laufzeit: 4 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Sollte ich noch einen Voll-scan durchführen? Die defogger-Suche ergab ebenfalls nichts. Hier die OTL-Ergebnisse: OTL-Text: OTL logfile created on: 23.07.2012 09:26:09 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Maike\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,02% Memory free 6,21 Gb Paging File | 4,86 Gb Available in Paging File | 78,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,75 Gb Total Space | 125,69 Gb Free Space | 56,43% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,71 Gb Free Space | 57,10% Space Free | Partition Type: NTFS Computer Name: MAIKE-PC | User Name: Maike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.23 09:21:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Maike\Desktop\OTL.exe PRC - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.06.30 12:28:24 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe PRC - [2008.06.30 12:28:14 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe PRC - [2008.06.30 12:28:12 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe PRC - [2008.06.30 12:28:12 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe PRC - [2008.06.26 13:10:06 | 000,442,467 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe PRC - [2008.06.26 13:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe PRC - [2008.06.26 13:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe PRC - [2008.06.03 15:54:56 | 000,446,635 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\Dell Webcam\Dell Webcam Central\WebcamDell.exe PRC - [2008.04.28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe PRC - [2008.03.11 12:44:38 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe PRC - [2008.03.11 12:44:36 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Programme\Dell Support Center\bin\sprtcmd.exe PRC - [2008.02.08 15:18:16 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2008.02.08 15:18:16 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.01.21 04:24:49 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ieuser.exe PRC - [2008.01.21 04:24:13 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.14 10:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Programme\Dell\MediaDirect\PCMService.exe PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe ========== Modules (No Company Name) ========== MOD - [2012.07.16 03:22:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll MOD - [2012.07.16 03:22:17 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll MOD - [2012.07.16 03:21:55 | 005,451,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\898e41b30712906b3de438644a44c78f\System.Xml.ni.dll MOD - [2012.07.16 03:21:38 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll MOD - [2012.07.16 03:21:29 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll MOD - [2012.07.16 03:20:26 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll MOD - [2012.07.16 03:20:07 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll MOD - [2008.08.20 11:12:53 | 000,034,816 | ---- | M] () -- C:\Programme\Google\Google Desktop Search\gzlib.dll MOD - [2008.08.20 11:07:52 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3019.36912__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2008.08.20 11:07:52 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3019.36870__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2008.08.20 11:07:52 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3019.36924__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2008.08.20 11:07:52 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3019.37100__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2008.08.20 11:07:52 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3019.37065__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2008.08.20 11:07:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3019.36904__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2008.08.20 11:07:52 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2008.08.20 11:07:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3019.36890__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2008.08.20 11:07:51 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3019.37131__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2008.08.20 11:07:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3019.36884__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:38 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3019.37072__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:38 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3019.37130__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll MOD - [2008.08.20 11:07:38 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3019.37137__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:38 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3019.37079__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2008.08.20 11:07:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3019.37071__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2008.08.20 11:07:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3019.37129__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2008.08.20 11:07:37 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3019.37030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:37 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3019.36936__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2008.08.20 11:07:37 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3019.37023__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:37 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3019.37015__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:37 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3019.36891__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll MOD - [2008.08.20 11:07:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3019.37092__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2008.08.20 11:07:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:37 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3019.36943__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2008.08.20 11:07:37 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3019.36930__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2008.08.20 11:07:37 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2008.08.20 11:07:37 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2008.08.20 11:07:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3019.37022__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2008.08.20 11:07:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3019.36942__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2008.08.20 11:07:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3019.37029__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2008.08.20 11:07:37 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3019.37044__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2008.08.20 11:07:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3019.37058__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2008.08.20 11:07:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll MOD - [2008.08.20 11:07:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2008.08.20 11:07:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll MOD - [2008.08.20 11:07:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2008.08.20 11:07:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2008.08.20 11:07:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2008.08.20 11:07:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2008.08.20 11:07:36 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2008.08.20 11:07:35 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2008.08.20 11:07:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2008.08.20 11:07:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2008.08.20 11:07:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2008.08.20 11:07:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll MOD - [2008.08.20 11:07:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2008.08.20 11:07:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2008.08.20 11:07:34 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll MOD - [2008.08.20 11:07:34 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2008.08.20 11:07:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2008.08.20 11:07:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3019.37147__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2008.08.20 11:07:30 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3019.36878__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2008.08.20 11:07:30 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3019.36897__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2008.08.20 11:07:30 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3019.37122__90ba9c70f846762e\MOM.Implementation.dll MOD - [2008.08.20 11:07:30 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2008.08.20 11:07:30 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3019.36863__90ba9c70f846762e\ATIDEMOS.dll MOD - [2008.08.20 11:07:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3019.37121__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2008.08.20 11:07:30 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2008.08.20 11:07:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2008.08.20 11:07:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2008.08.20 11:07:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2008.08.20 11:07:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3019.37122__90ba9c70f846762e\CCC.Implementation.dll MOD - [2008.08.20 11:07:30 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2008.08.20 11:07:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2008.08.20 11:07:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2008.08.20 11:07:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2008.08.20 11:07:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2008.08.20 11:07:30 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3019.36862__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2008.08.20 11:07:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3019.36861__90ba9c70f846762e\APM.Server.dll MOD - [2008.08.20 11:07:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3019.36862__90ba9c70f846762e\AEM.Server.dll MOD - [2008.08.20 11:07:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2008.07.27 20:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2008.07.27 20:03:08 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2008.07.27 19:58:25 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.05.04 10:42:20 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.03.12 07:37:52 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll MOD - [2008.02.08 14:44:32 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ========== Win32 Services (SafeList) ========== SRV - [2012.07.21 17:18:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.13 22:50:34 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2008.08.20 11:19:38 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2008.06.26 13:10:00 | 000,221,273 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -- (STacSV) SRV - [2008.06.26 13:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -- (AESTFilters) SRV - [2008.04.28 16:56:28 | 000,161,048 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008.03.11 12:44:38 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2003.07.28 14:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2008.06.30 12:28:10 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008.06.26 13:10:08 | 000,380,928 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008.05.04 10:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2008.05.04 10:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.03.14 15:04:26 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir) DRV - [2008.03.12 07:37:46 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2008.03.11 08:53:02 | 000,149,208 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd) DRV - [2008.03.11 08:53:00 | 000,277,624 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid) DRV - [2008.03.11 08:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM) DRV - [2008.03.11 08:24:46 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2008.03.11 08:24:44 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008.03.11 08:24:42 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008.01.21 04:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2) DRV - [2008.01.21 04:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5080820 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5080820 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DADE_deDE492 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.tagesschau.de/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.13 20:11:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.21 17:18:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.21 17:18:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.13 19:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maike\AppData\Roaming\mozilla\Extensions [2012.07.14 19:16:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maike\AppData\Roaming\mozilla\Firefox\Profiles\podhavk4.default\extensions [2012.07.13 21:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.07.13 21:25:05 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.07.13 20:11:00 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.07.21 17:18:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.07.21 17:18:14 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.07.21 17:18:14 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.07.21 17:18:14 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.07.21 17:18:14 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.21 17:18:14 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.21 17:18:14 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com CHR - homepage: hxxp://www.google.com CHR - Extension: YouTube = C:\Users\Maike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Maike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\Maike\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\ CHR - Extension: Google Mail = C:\Users\Maike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( ) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 10.5.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D85255B3-4B2B-4E23-AA80-62C299780AA3}: DhcpNameServer = 10.72.0.68 10.72.0.69 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC3B6648-2010-43BD-92A1-34EAF5288E83}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O24 - Desktop WallPaper: C:\Users\Maike\Pictures\ADSC_0911.JPG O24 - Desktop BackupWallPaper: C:\Users\Maike\Pictures\ADSC_0911.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.07.23 09:21:11 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Maike\Desktop\OTL.exe [2012.07.23 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Malwarebytes [2012.07.23 09:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.23 09:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.23 09:03:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.07.23 09:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.07.23 08:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.07.16 18:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4700 series [2012.07.16 18:41:04 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information [2012.07.16 18:40:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012.07.15 19:39:41 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Stardock_Corporation [2012.07.14 18:09:25 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\SupportSoft [2012.07.14 17:58:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2012.07.13 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Maike\.jordan [2012.07.13 22:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.07.13 21:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012.07.13 21:51:10 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Macromedia [2012.07.13 21:24:47 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Skype [2012.07.13 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.07.13 21:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.07.13 21:24:31 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012.07.13 21:24:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.07.13 21:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.07.13 21:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2012.07.13 21:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012.07.13 21:12:30 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.07.13 21:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012.07.13 20:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.07.13 20:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012.07.13 20:12:09 | 000,353,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.07.13 20:12:09 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.07.13 20:12:08 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.07.13 20:12:08 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.07.13 20:12:07 | 000,721,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.07.13 20:12:03 | 000,057,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.07.13 20:10:45 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.07.13 20:10:44 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.07.13 20:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.07.13 20:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.07.13 19:37:42 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\yelle [2012.07.13 19:37:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Video Converter [2012.07.13 19:37:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\TriKont Orga [2012.07.13 19:37:29 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\neuro summerschool [2012.07.13 19:37:11 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Näherei! [2012.07.13 19:37:11 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\My Music [2012.07.13 19:37:10 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\My Digital Editions [2012.07.13 19:37:09 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Kontoauszüge [2012.07.13 19:37:09 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\ICQ [2012.07.13 19:37:09 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\gegl-0.0 [2012.07.13 19:36:40 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Französisch [2012.07.13 19:36:40 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\DVDVideoSoft [2012.07.13 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\bvmd [2012.07.13 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Audible [2012.07.13 19:36:34 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Abschlussbericht [2012.07.13 19:25:50 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Adobe [2012.07.13 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Mozilla [2012.07.13 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Mozilla [2012.07.13 19:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.07.13 19:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.07.13 19:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.07.13 19:12:07 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Macromedia [2012.07.13 19:11:47 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Adobe [2012.07.13 19:10:45 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Google [2012.07.13 19:08:34 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\MigWiz [2012.07.13 19:07:46 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Eigene Google Gadgets [2012.07.13 19:07:39 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Google [2012.07.13 19:07:37 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\ATI [2012.07.13 19:07:37 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\ATI [2012.07.13 19:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.07.13 19:07:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Dell WebCam Central [2012.07.13 19:07:28 | 000,000,000 | ---D | C] -- C:\Users\Maike\Bluetooth Software [2012.07.13 19:07:28 | 000,000,000 | ---D | C] -- C:\Users\Maike\Documents\Bluetooth Exchange Folder [2012.07.13 19:07:12 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\MediaDirect [2012.07.13 19:06:52 | 000,000,000 | R--D | C] -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.07.13 19:06:51 | 000,000,000 | R--D | C] -- C:\Users\Maike\Searches [2012.07.13 19:06:41 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Identities [2012.07.13 19:06:38 | 000,000,000 | R--D | C] -- C:\Users\Maike\Contacts [2012.07.13 19:06:01 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Dell [2012.07.13 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\VirtualStore [2012.07.13 19:05:36 | 000,000,000 | --SD | C] -- C:\Users\Maike\AppData\Roaming\Microsoft [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Videos [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Saved Games [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Pictures [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Music [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Links [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Favorites [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Downloads [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Documents [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\Desktop [2012.07.13 19:05:36 | 000,000,000 | R--D | C] -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Vorlagen [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\AppData\Local\Verlauf [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\AppData\Local\Temporary Internet Files [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Startmenü [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\SendTo [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Recent [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Netzwerkumgebung [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Lokale Einstellungen [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Documents\Eigene Videos [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Documents\Eigene Musik [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Eigene Dateien [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Documents\Eigene Bilder [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Druckumgebung [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Cookies [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\AppData\Local\Anwendungsdaten [2012.07.13 19:05:36 | 000,000,000 | -HSD | C] -- C:\Users\Maike\Anwendungsdaten [2012.07.13 19:05:36 | 000,000,000 | -H-D | C] -- C:\Users\Maike\AppData [2012.07.13 19:05:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Temp [2012.07.13 19:05:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Local\Microsoft [2012.07.13 19:05:36 | 000,000,000 | ---D | C] -- C:\Users\Maike\AppData\Roaming\Media Center Programs [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Programme [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2012.07.13 19:01:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.07.13 19:01:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012.07.23 09:27:46 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.23 09:21:19 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Maike\Desktop\OTL.exe [2012.07.23 09:18:47 | 000,000,000 | ---- | M] () -- C:\Users\Maike\defogger_reenable [2012.07.23 09:03:51 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.23 08:50:21 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.07.23 08:50:21 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.07.23 08:50:21 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.07.23 08:50:21 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.07.23 08:50:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.23 08:44:33 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.23 08:44:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.23 08:44:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.23 08:44:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.23 08:43:57 | 3219,103,744 | -HS- | M] () -- C:\hiberfil.sys [2012.07.22 23:10:18 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.07.15 20:49:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012.07.15 14:50:42 | 000,021,504 | ---- | M] () -- C:\Users\Maike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.07.14 18:01:31 | 000,283,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.07.13 21:24:37 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.13 21:13:51 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI [2012.07.13 20:23:47 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.07.13 20:12:10 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012.07.13 20:12:03 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.07.13 19:14:14 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.07.13 19:00:15 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.07.23 09:18:47 | 000,000,000 | ---- | C] () -- C:\Users\Maike\defogger_reenable [2012.07.23 09:03:51 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.15 20:49:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012.07.14 00:52:56 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012.07.14 00:52:56 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2012.07.14 00:52:51 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2012.07.14 00:36:37 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2012.07.14 00:36:37 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2012.07.14 00:36:37 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2012.07.13 22:14:01 | 000,021,504 | ---- | C] () -- C:\Users\Maike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.07.13 21:50:21 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.13 21:24:37 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.13 21:13:51 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2012.07.13 20:23:47 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012.07.13 20:21:03 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2012.07.13 20:12:22 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.13 20:12:21 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.13 20:12:10 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012.07.13 19:37:58 | 000,140,081 | ---- | C] () -- C:\Users\Maike\Documents\zweiwohnsitz anmeldung.pdf [2012.07.13 19:37:55 | 020,533,281 | ---- | C] () -- C:\Users\Maike\Documents\vlc-1.1.9-win32.exe [2012.07.13 19:37:54 | 000,244,374 | ---- | C] () -- C:\Users\Maike\Documents\ticket emsa.pdf [2012.07.13 19:37:54 | 000,110,929 | ---- | C] () -- C:\Users\Maike\Documents\tans uni 2011.pdf [2012.07.13 19:37:54 | 000,099,614 | ---- | C] () -- C:\Users\Maike\Documents\stammdatenauszug ws 2011.pdf [2012.07.13 19:37:54 | 000,067,361 | ---- | C] () -- C:\Users\Maike\Documents\tumblr_lyngtdyymY1qewacoo1_500.jpg [2012.07.13 19:37:54 | 000,047,501 | ---- | C] () -- C:\Users\Maike\Documents\studienzeitbescheinigung.pdf [2012.07.13 19:37:53 | 000,053,413 | ---- | C] () -- C:\Users\Maike\Documents\regal2.JPG [2012.07.13 19:37:53 | 000,047,520 | ---- | C] () -- C:\Users\Maike\Documents\maike rentenbesch.pdf [2012.07.13 19:37:53 | 000,047,211 | ---- | C] () -- C:\Users\Maike\Documents\maike immatri.pdf [2012.07.13 19:37:53 | 000,046,540 | ---- | C] () -- C:\Users\Maike\Documents\regal.JPG [2012.07.13 19:37:53 | 000,024,914 | ---- | C] () -- C:\Users\Maike\Documents\Maike Johanna Fotos 0512.jpg [2012.07.13 19:37:53 | 000,020,261 | ---- | C] () -- C:\Users\Maike\Documents\Protokoll äth.25.2..odt [2012.07.13 19:37:53 | 000,013,818 | ---- | C] () -- C:\Users\Maike\Documents\kündigen 2.odt [2012.07.13 19:37:52 | 002,614,559 | ---- | C] () -- C:\Users\Maike\Documents\IMG_0066.JPG [2012.07.13 19:37:52 | 000,338,384 | ---- | C] () -- C:\Users\Maike\Documents\imma WS10.pdf [2012.07.13 19:37:52 | 000,255,711 | ---- | C] () -- C:\Users\Maike\Documents\Infopaket_Erstsemester_HM_WiSe0809.pdf [2012.07.13 19:37:52 | 000,194,533 | ---- | C] () -- C:\Users\Maike\Documents\jungs.jpg [2012.07.13 19:37:52 | 000,105,885 | ---- | C] () -- C:\Users\Maike\Documents\Ihre Alice Bestellung.pdf [2012.07.13 19:37:52 | 000,099,109 | ---- | C] () -- C:\Users\Maike\Documents\imma ws 2011.pdf [2012.07.13 19:37:52 | 000,099,104 | ---- | C] () -- C:\Users\Maike\Documents\imma ss11.pdf [2012.07.13 19:37:52 | 000,098,956 | ---- | C] () -- C:\Users\Maike\Documents\imma ss12.pdf [2012.07.13 19:37:52 | 000,047,231 | ---- | C] () -- C:\Users\Maike\Documents\immatrikulationsbescheinigungWise 09.pdf [2012.07.13 19:37:52 | 000,047,225 | ---- | C] () -- C:\Users\Maike\Documents\imma_ss10.pdf [2012.07.13 19:37:51 | 003,062,743 | ---- | C] () -- C:\Users\Maike\Documents\certificate emsa.JPG [2012.07.13 19:37:51 | 000,092,835 | ---- | C] () -- C:\Users\Maike\Documents\Famulaturbestätigung.pdf [2012.07.13 19:37:51 | 000,012,312 | ---- | C] () -- C:\Users\Maike\Documents\cc_20110827_152325.reg [2012.07.13 19:37:51 | 000,009,445 | ---- | C] () -- C:\Users\Maike\Documents\französische musik.odt [2012.07.13 19:37:50 | 000,693,678 | ---- | C] () -- C:\Users\Maike\Documents\BuKo-Aachen_Maike_Kusenbach.pdf [2012.07.13 19:37:50 | 000,377,619 | ---- | C] () -- C:\Users\Maike\Documents\butter paneer masala.pdf [2012.07.13 19:37:50 | 000,075,799 | ---- | C] () -- C:\Users\Maike\Documents\basics.pdf [2012.07.13 19:37:50 | 000,029,150 | ---- | C] () -- C:\Users\Maike\Documents\9782356413130_hq_0002.wma [2012.07.13 19:37:50 | 000,029,146 | ---- | C] () -- C:\Users\Maike\Documents\9782356413130_hq_0001.wma [2012.07.13 19:14:14 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.07.13 19:14:13 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.07.13 19:06:55 | 000,000,951 | ---- | C] () -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.07.13 19:06:49 | 000,000,946 | ---- | C] () -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.07.13 19:06:36 | 000,000,917 | ---- | C] () -- C:\Users\Maike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2012.07.13 18:59:11 | 3219,103,744 | -HS- | C] () -- C:\hiberfil.sys ========== LOP Check ========== [2012.07.22 23:10:18 | 000,013,202 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Extra-text: OTL Extras logfile created on: 23.07.2012 09:26:09 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Maike\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 57,02% Memory free 6,21 Gb Paging File | 4,86 Gb Available in Paging File | 78,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222,75 Gb Total Space | 125,69 Gb Free Space | 56,43% Space Free | Partition Type: NTFS Drive D: | 10,00 Gb Total Space | 5,71 Gb Free Space | 57,10% Space Free | Partition Type: NTFS Computer Name: MAIKE-PC | User Name: Maike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{4D7980B7-79D6-4AD6-8AB4-D866914D136B}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{53188800-E581-4A1B-980F-07447B501121}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | "{7D9BCE33-ED1C-4B1E-A016-FFD020041C25}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | "{A162D18C-F19A-43DE-9222-D7028F77D726}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D1EA2915-60B4-4D83-9752-902B68FAEA66}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | "{DC3BB188-46D6-43A4-8DF2-CBD9E801E179}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | "{E547C262-F7E0-48A3-A1D6-644E1A2A132A}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4400 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{05A677ED-F6EB-C225-0852-C8EDA143F637}" = Catalyst Control Center Core Implementation "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series" = Canon iP4700 series Printer Driver "{1339C679-8EBD-A264-F51B-8AFF9E5178AB}" = Catalyst Control Center Localization Chinese Standard "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{33D38429-A417-2939-F2ED-68B02C60524B}" = CCC Help Italian "{348982C0-1053-041B-90E9-27E52C5CBAC4}" = Catalyst Control Center Localization Chinese Traditional "{3683198D-D48D-8F78-D544-E0CEEDA9A5AD}" = Catalyst Control Center Localization Norwegian "{39874C29-6A64-A5E4-15E8-48CAB1630758}" = Catalyst Control Center Graphics Full New "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{497CDC20-F32E-B732-D5A7-C508832901B1}" = Catalyst Control Center Localization Italian "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5}" = Catalyst Control Center - Branding "{4E8B4C51-20A4-A946-F2FD-361E1E64CBFE}" = Catalyst Control Center Localization Dutch "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module "{66E07661-1C3B-EBB3-DDD7-CA2D9CF728E5}" = CCC Help Chinese Standard "{67192DDF-D12C-7C14-0891-1999A8322D9A}" = ccc-core-static "{693C5CAC-E43C-4A5F-0793-DB1A91576F00}" = Catalyst Control Center Localization Swedish "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{6BA2D1B0-0892-AF53-1542-767C1B1B558F}" = CCC Help German "{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module "{706136D4-648C-92B9-FF9E-BDAC45C977CB}" = CCC Help Norwegian "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{732784F2-BBB3-AF93-F0F8-2B28D93F023E}" = Catalyst Control Center Localization Finnish "{75554025-5756-D2A8-E12A-3996A174E1AF}" = Catalyst Control Center Localization German "{7842F022-6597-76DA-4DE4-DA3FBD82ECF2}" = Skins "{7A4CE9D2-DC5E-4B5B-0ED2-A2F66E76DD52}" = CCC Help Russian "{7BE855E5-8130-A624-1C47-D5EB13FA6DF2}" = Catalyst Control Center Graphics Previews Vista "{7D712AFE-2D7C-13B8-DEB7-BA8A28FED665}" = Catalyst Control Center Localization Danish "{7E00AAF2-89F3-F7FC-A8F2-8C651449671E}" = CCC Help English "{828816F4-629A-233E-DB02-A6F8BD004643}" = Catalyst Control Center Localization Portuguese "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90601456-1F28-AD6C-C1CE-740526D3BC27}" = Catalyst Control Center Localization French "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{975F5675-8FC8-04A8-92CD-4653BD12282F}" = CCC Help French "{97900633-AADE-35DC-A424-21380BFC5431}" = Catalyst Control Center Graphics Previews Common "{98C948A6-5498-9DEE-BA4C-74B0A96CB521}" = CCC Help Danish "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A7969E95-7E39-A1AC-2D6F-85531D8A371D}" = CCC Help Japanese "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9C78107-7CBC-B05B-083B-562FA9C1EA0B}" = CCC Help Portuguese "{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BB883D70-5B1D-9430-E626-7F495925590D}" = Catalyst Control Center Localization Spanish "{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet "{C49E407D-A6A0-6F9A-767D-67387EF5523F}" = CCC Help Finnish "{CBF91610-C661-3464-8831-DA8AE2589DB9}" = Catalyst Control Center Localization Japanese "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2DB5404-378B-2821-513E-A8F230A0E948}" = ccc-utility "{D5D92C28-42FB-5E24-DBFA-07232A50D670}" = CCC Help Dutch "{D9DD6E03-ACE1-2503-205E-4FA74267CDC6}" = CCC Help Spanish "{DB549485-9D94-E7AE-2FE7-DCB33A54FBD7}" = Catalyst Control Center Localization Russian "{DE200E10-45BD-E11E-EC8E-1DAD80EF8EA9}" = Catalyst Control Center Graphics Full Existing "{DEF19AE8-B330-CF2A-AEAA-1E23BBBC7B00}" = CCC Help Chinese Traditional "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center "{E5BE4931-F31C-2BA0-F06E-4FEC56725673}" = CCC Help Swedish "{EC2C71BB-42DF-6F53-FB23-F7B3B160467B}" = Catalyst Control Center Graphics Light "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F1465B68-4D9A-D412-2528-4F84A681F15C}" = Catalyst Control Center Localization Korean "{F1E18790-4053-4031-483B-80E932CE3910}" = CCC Help Korean "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver "{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "avast" = avast! Free Antivirus "Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte "Creative OA001" = Integrated Webcam Driver (1.00.08.0216) "Dell Video Chat" = Dell Video Chat (remove only) "Dell Webcam Central" = Dell Webcam Central "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "GoToAssist" = GoToAssist 8.0.0.514 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 14.07.2012 16:40:34 | Computer Name = Maike-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung AUDIODG.EXE, Version 6.0.6001.18000, Zeitstempel 0x47919284, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0xb80000ff, Prozess-ID 0x544, Anwendungsstartzeit 01cd620048ee2aef. Error - 14.07.2012 17:42:21 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 14.07.2012 21:02:14 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 15.07.2012 02:45:02 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 15.07.2012 05:21:34 | Computer Name = Maike-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung AUDIODG.EXE, Version 6.0.6001.18000, Zeitstempel 0x47919284, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0xb80000ff, Prozess-ID 0x528, Anwendungsstartzeit 01cd626b0d9747d3. Error - 15.07.2012 05:22:00 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 15.07.2012 07:52:21 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 15.07.2012 21:02:16 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 15.07.2012 21:19:19 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = Error - 17.07.2012 02:05:05 | Computer Name = Maike-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 13.07.2012 19:09:38 | Computer Name = Maike-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Error - 14.07.2012 12:01:45 | Computer Name = Maike-PC | Source = HTTP | ID = 15016 Description = Error - 14.07.2012 12:03:05 | Computer Name = Maike-PC | Source = Service Control Manager | ID = 7024 Description = Error - 14.07.2012 12:03:05 | Computer Name = Maike-PC | Source = Service Control Manager | ID = 7031 Description = Error - 14.07.2012 12:47:38 | Computer Name = Maike-PC | Source = Service Control Manager | ID = 7030 Description = Error - 14.07.2012 15:28:36 | Computer Name = Maike-PC | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 14.07.2012 16:36:01 | Computer Name = Maike-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am 14.07.2012 um 21:32:32 unerwartet heruntergefahren. Error - 14.07.2012 16:36:06 | Computer Name = Maike-PC | Source = HTTP | ID = 15016 Description = Error - 14.07.2012 17:02:54 | Computer Name = Maike-PC | Source = BTHUSB | ID = 327697 Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error - 14.07.2012 17:41:47 | Computer Name = Maike-PC | Source = HTTP | ID = 15016 Description = < End of report > Den GEMR-log hänge ich als Anhang an. |
| Themen zu GMX-Account versendet Spam-Mails von meiner Adresse |
| administrator, adobe, antivirus, audiodg.exe, autorun, avast, bho, canon, computer, defender, error, euro, excel, explorer, firefox, flash player, format, gmx-account, google, heuristiks/extra, heuristiks/shuriken, home, install.exe, intranet, logfile, mozilla, pdf, plug-in, registry, rundll, searchscopes, security, software, vista, wlan. |
Baum-Darstellung