| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Diese Webseite kann nicht angezeigt werden / Desktop gesperrtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.07.2012, 20:05
| #1 |
| |  Diese Webseite kann nicht angezeigt werden / Desktop gesperrt Hallo habe das Problem seit gestern. Habe mir ein Video im Internet angeguckt und schwups ging nichts mehr. Habe immer einen weißen Bildschirm mit der Fehlermeldung "Diese Webseite kann nicht angezeigt werden" und kann auf nichts zugreifen. Der Task-Manager stürzt auch immer wieder ab. Habe allerdings Zugriff auf den abgesicherten Modus mit Netzwerktreibern. Habe die drei Programme, die ihr vorgeschlagen habt, schon durchlaufen lassen. (OTL, Gmer, und Defogger) Hier der Text von Gmer: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-28 20:41:09
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 ST9320320AS rev.0303
Running: q3jpor2d.exe; Driver: C:\Users\Nadine\AppData\Local\Temp\kxlirkoc.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat tdrpm251.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \FileSystem\fastfat \Fat AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001bdc0f66b1
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001bdc0f66b1 (not active ControlSet)
---- Files - GMER 1.0.15 ----
File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\_avt 512 bytes
File C:\ADSM_PData_0150\DragWait.exe 253952 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86 0 bytes
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys 29752 bytes executable
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt 512 bytes
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter OTL logfile created on: 28.07.2012 19:47:29 - Run 1 OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Nadine\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,20% Memory free 6,19 Gb Paging File | 5,88 Gb Available in Paging File | 94,93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 149,04 Gb Total Space | 96,94 Gb Free Space | 65,04% Space Free | Partition Type: NTFS Drive D: | 137,33 Gb Total Space | 52,55 Gb Free Space | 38,27% Space Free | Partition Type: NTFS Computer Name: NADINE-LAPTOP | User Name: Nadine | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.28 19:41:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Nadine\Desktop\OTL.exe PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== MOD - [2008.02.12 21:50:40 | 000,688,128 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MOD - [2007.06.15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll MOD - [2007.06.02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ========== Win32 Services (SafeList) ========== SRV - [2012.07.27 07:32:59 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.06.29 15:19:00 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.06.25 15:07:34 | 000,184,848 | ---- | M] (Nitro PDF Software) [Auto | Stopped] -- C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2) SRV - [2012.05.08 16:06:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.08 16:06:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.07.24 18:33:03 | 002,326,920 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008.03.18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr) SRV - [2007.05.18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService) SRV - [2007.02.06 03:13:14 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTSTOR.SYS -- (RTSTOR) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.05.08 16:06:32 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.05.08 16:06:32 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011.10.19 17:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011.07.24 18:33:04 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp) DRV - [2011.07.24 18:32:59 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm251.sys -- (tdrpman251) DRV - [2011.07.24 18:32:57 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter) DRV - [2011.07.24 18:32:48 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman) DRV - [2010.06.17 16:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.09.05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008.10.09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2008.06.10 18:35:54 | 003,839,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.06.03 08:41:52 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008.05.29 19:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby) DRV - [2008.05.13 08:35:24 | 001,772,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) DRV - [2008.03.21 06:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007.08.11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm) DRV - [2007.08.03 06:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio) DRV - [2007.07.24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2007.06.20 05:12:18 | 000,047,616 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH) DRV - [2006.12.14 09:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=hp&babsrc=lnkry_nt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=FR&userid=00f760dc-579e-43b1-ae17-bcb0c69137be&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100467&mntrId=0083f68400000000000000224379dc00 IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Elf 1.12 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.8&q=" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6 FF - prefs.js..extensions.enabledItems: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {38542454-dfb6-44f5-b052-d4e071a3d073}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857572&SearchSource=3&q={searchTerms}" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( ) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.25 20:50:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.29 15:19:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.25 20:25:56 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.29 15:19:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.25 20:25:56 | 000,000,000 | ---D | M] [2011.07.24 20:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadine\AppData\Roaming\mozilla\Extensions [2012.07.25 22:20:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadine\AppData\Roaming\mozilla\Firefox\Profiles\fv0tvdcp.default\extensions [2011.07.25 19:01:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nadine\AppData\Roaming\mozilla\Firefox\Profiles\fv0tvdcp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.07.25 22:20:49 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Nadine\AppData\Roaming\mozilla\Firefox\Profiles\fv0tvdcp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.01.17 17:27:51 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Nadine\AppData\Roaming\mozilla\Firefox\Profiles\fv0tvdcp.default\extensions\ffxtlbr@babylon.com [2012.04.25 20:45:58 | 000,000,000 | ---D | M] (loadtbs) -- C:\Users\Nadine\AppData\Roaming\mozilla\Firefox\Profiles\fv0tvdcp.default\extensions\software@loadtubes.com [2012.07.02 16:12:12 | 000,000,853 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\11-suche.xml [2010.12.02 09:07:28 | 000,000,919 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\conduit.xml [2012.07.02 16:12:11 | 000,002,209 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\englische-ergebnisse.xml [2012.07.02 16:12:11 | 000,010,506 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\gmx-suche.xml [2012.07.15 16:53:18 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-1.xml [2010.04.04 18:09:35 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-10.xml [2010.06.24 15:14:03 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-11.xml [2010.06.29 18:14:00 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-12.xml [2010.07.28 19:12:05 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-13.xml [2010.09.09 21:07:43 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-14.xml [2010.09.18 10:44:07 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-15.xml [2010.10.24 17:00:48 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-16.xml [2010.10.31 15:09:00 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-17.xml [2010.12.11 18:22:12 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-18.xml [2010.12.29 14:02:35 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-19.xml [2009.04.29 06:17:11 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-2.xml [2011.03.05 13:35:26 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-20.xml [2011.03.24 18:01:29 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-21.xml [2011.04.27 21:36:40 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-22.xml [2011.05.01 21:49:30 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-23.xml [2011.07.25 19:10:05 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-24.xml [2011.08.21 23:24:24 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-25.xml [2011.09.01 18:17:31 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-26.xml [2011.09.07 22:56:11 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-27.xml [2011.10.04 21:15:47 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-28.xml [2011.11.14 18:06:30 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-29.xml [2009.06.13 12:05:23 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-3.xml [2012.01.12 21:15:49 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-30.xml [2012.02.05 19:40:27 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-31.xml [2012.02.14 15:25:52 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-32.xml [2012.02.22 19:32:01 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-33.xml [2012.03.21 19:11:17 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-34.xml [2012.05.09 21:30:27 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-35.xml [2012.06.29 15:19:23 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-36.xml [2012.07.15 17:46:01 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-37.xml [2009.07.25 10:23:05 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-4.xml [2009.08.05 15:41:59 | 000,000,656 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-5.xml [2009.09.11 21:43:34 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-6.xml [2009.10.29 20:55:18 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-7.xml [2010.03.14 12:34:34 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-8.xml [2010.03.27 13:50:25 | 000,000,950 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin-9.xml [2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin.gif [2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin.src [2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\icqplugin.xml [2012.07.02 16:12:12 | 000,002,368 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\lastminute.xml [2011.05.04 21:59:00 | 000,003,915 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\SweetIM Search.xml [2012.07.25 17:21:53 | 000,002,474 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\Web Search.xml [2012.07.02 16:12:11 | 000,005,489 | ---- | M] () -- C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\fv0tvdcp.default\searchplugins\webde-suche.xml [2012.07.22 15:08:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012.07.22 15:08:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.01.12 17:27:04 | 000,211,765 | ---- | M] () (No name found) -- C:\USERS\NADINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FV0TVDCP.DEFAULT\EXTENSIONS\{89506680-E3F4-484C-A2C0-ED711D481EDA}.XPI [2012.07.02 16:12:00 | 000,575,217 | ---- | M] () (No name found) -- C:\USERS\NADINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FV0TVDCP.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI [2012.06.29 15:19:02 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.02.27 20:51:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.02.15 16:48:02 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll [2012.06.29 15:18:54 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.08.21 22:39:31 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.06.29 15:18:54 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.29 15:18:54 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.29 15:18:54 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.29 15:18:54 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.29 15:18:54 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (ICQ Sparberater) - {5A0D6E4B-B0DF-4148-8B1E-F7A430FF5E24} - C:\Program Files\icq\Internet Explorer\icq.dll (solute gmbh) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Nadine\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH) O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe () O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [dcllyoreexqiymw] C:\ProgramData\dcllyore.exe () O4 - Startup: C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Nadine\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4573FF26-4D74-4C58-B69B-5140A1CC1B1D}: DhcpNameServer = 172.16.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7E24C71-D0A3-4E1E-9BF1-B64422C5E1EA}: DhcpNameServer = 172.16.0.1 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Nadine\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Nadine\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.07.28 19:46:36 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Nadine\Desktop\OTL.exe [2012.07.27 19:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ypfpgfzmewjhjiv [2012.07.22 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\Nadine\AppData\Roaming\Skype [2012.07.22 15:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.07.22 15:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.07.22 15:06:27 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012.07.22 15:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.07.15 17:50:58 | 000,000,000 | ---D | C] -- C:\Users\Nadine\AppData\Roaming\Nitro PDF [2012.07.15 17:50:36 | 000,027,152 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon2.dll [2012.07.15 17:50:36 | 000,018,448 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui2.dll [2012.07.15 17:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF [2012.07.15 17:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF [2012.07.15 17:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF [2012.07.15 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\Nadine\AppData\Roaming\Downloaded Installations [2012.07.15 17:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2012.07.15 17:31:27 | 000,000,000 | ---D | C] -- C:\Users\Nadine\AppData\Roaming\pdfforge [2012.07.15 17:31:12 | 000,081,920 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll [2012.07.15 17:31:06 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2012.07.15 17:31:06 | 000,000,000 | ---D | C] -- C:\Users\Nadine\AppData\Roaming\OpenCandy [2012.07.15 16:50:47 | 000,000,000 | ---D | C] -- C:\Users\Nadine\Desktop\Bewerbung ========== Files - Modified Within 30 Days ========== [2012.07.28 19:43:16 | 000,302,592 | ---- | M] () -- C:\Users\Nadine\Desktop\q3jpor2d.exe [2012.07.28 19:43:16 | 000,001,356 | ---- | M] () -- C:\Users\Nadine\AppData\Local\d3d9caps.dat [2012.07.28 19:41:08 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Nadine\Desktop\OTL.exe [2012.07.28 19:40:06 | 000,000,000 | ---- | M] () -- C:\Users\Nadine\defogger_reenable [2012.07.28 19:39:04 | 000,050,477 | ---- | M] () -- C:\Users\Nadine\Desktop\Defogger.exe [2012.07.28 19:25:15 | 000,673,774 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.07.28 19:25:15 | 000,634,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.07.28 19:25:15 | 000,145,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.07.28 19:25:15 | 000,119,990 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.07.28 19:20:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.28 19:17:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.28 19:17:18 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.28 18:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.28 18:24:22 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2012.07.28 11:32:07 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.27 19:04:59 | 000,000,051 | ---- | M] () -- C:\ProgramData\bhbkzkxrwjoiejd [2012.07.27 19:04:44 | 000,061,440 | ---- | M] () -- C:\ProgramData\dcllyore.exe [2012.07.27 07:55:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.07.26 23:27:58 | 000,013,312 | ---- | M] () -- C:\Users\Nadine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.07.26 00:23:58 | 000,000,843 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012.07.25 18:03:55 | 000,002,631 | ---- | M] () -- C:\Users\Nadine\Desktop\Microsoft Office Word 2007.lnk [2012.07.16 20:14:08 | 000,372,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.07.05 13:02:30 | 000,081,920 | ---- | M] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll ========== Files Created - No Company Name ========== [2012.07.28 19:46:36 | 000,302,592 | ---- | C] () -- C:\Users\Nadine\Desktop\q3jpor2d.exe [2012.07.28 19:46:36 | 000,050,477 | ---- | C] () -- C:\Users\Nadine\Desktop\Defogger.exe [2012.07.28 19:40:06 | 000,000,000 | ---- | C] () -- C:\Users\Nadine\defogger_reenable [2012.07.27 19:04:59 | 000,061,440 | ---- | C] () -- C:\ProgramData\dcllyore.exe [2012.07.27 19:04:46 | 000,000,051 | ---- | C] () -- C:\ProgramData\bhbkzkxrwjoiejd [2012.07.26 00:23:58 | 000,000,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk [2012.07.22 15:06:37 | 000,002,379 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.15 17:50:29 | 000,001,872 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 2.lnk [2012.02.07 18:37:34 | 000,001,356 | ---- | C] () -- C:\Users\Nadine\AppData\Local\d3d9caps.dat [2011.10.14 16:48:50 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2011.08.10 14:30:41 | 000,013,312 | ---- | C] () -- C:\Users\Nadine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.25 19:47:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.07.25 19:47:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.07.25 02:36:11 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe [2011.07.25 02:30:37 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe [2011.07.25 02:30:26 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe [2011.07.25 00:07:05 | 000,081,920 | ---- | C] () -- C:\Windows\PGMONITOR.EXE [2011.07.25 00:06:52 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2011.07.25 00:06:52 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2011.07.25 00:06:51 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011.07.25 00:06:50 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe [2011.07.25 00:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2011.07.25 00:03:01 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys [2011.07.25 00:02:19 | 001,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2011.07.25 00:02:19 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll [2011.07.25 00:02:19 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2011.07.25 00:02:19 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011.07.24 23:34:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.07.24 23:12:37 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011.07.24 20:55:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.07.02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg ========== LOP Check ========== [2011.08.21 22:38:08 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Babylon [2011.08.28 17:14:44 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Canneverbe Limited [2011.08.21 22:43:17 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\CBS Interactive [2012.07.15 17:48:15 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Downloaded Installations [2012.04.15 14:47:33 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\ICQ [2012.04.25 20:45:58 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\loadtbs [2012.07.15 17:52:39 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\Nitro PDF [2012.07.15 17:31:06 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\OpenCandy [2012.07.15 17:31:27 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\pdfforge [2011.10.14 17:04:52 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\TeamViewer [2011.08.21 22:48:58 | 000,000,000 | ---D | M] -- C:\Users\Nadine\AppData\Roaming\WindSolutions [2012.07.27 07:55:04 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 28.07.2012 19:47:29 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Nadine\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 82,20% Memory free
6,19 Gb Paging File | 5,88 Gb Available in Paging File | 94,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 96,94 Gb Free Space | 65,04% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 52,55 Gb Free Space | 38,27% Space Free | Partition Type: NTFS
Computer Name: NADINE-LAPTOP | User Name: Nadine | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F3F860-126B-4C59-A6C5-4491D611B997}" = rport=138 | protocol=17 | dir=out | app=system |
"{04B8E5E8-6DF9-4F79-8FAE-81F0C5ACD357}" = lport=138 | protocol=17 | dir=in | app=system |
"{0526FBFC-1C5D-4A83-A368-B89EC636BAC9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1C7606C1-31F2-4BEC-B1DF-DBA680B4B714}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D927C82-69AF-441A-8BC3-840206231A35}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{22DF1930-50EE-4557-B8CD-21CBF90A96AA}" = rport=137 | protocol=17 | dir=out | app=system |
"{334FF619-C475-41F8-9571-F90F7BF4D376}" = rport=445 | protocol=6 | dir=out | app=system |
"{33BB60FE-8840-4E4B-8870-6DAC0A603B09}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3E5399F5-79ED-4959-B925-8407CC22A0E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{542D32F9-6E57-436B-9054-22A175208D2D}" = lport=137 | protocol=17 | dir=in | app=system |
"{639BDB0C-C6AE-493A-82B5-49B4887D2714}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E2FA2DF-CA83-47EC-B66A-DE1EDC547A2F}" = rport=139 | protocol=6 | dir=out | app=system |
"{7056F636-BF65-4CEB-8AE4-461BCCD2480C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71D7D0BF-55EB-40C5-93AC-A85DA5EFB37A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75778374-4FD3-42D4-AD1D-3FF6BC3DEC71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{800A6E0B-535C-4EBF-BB0E-8BEDDC628270}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9BC82F5D-9E5F-4D53-B9D4-D46136B6BE7C}" = lport=445 | protocol=6 | dir=in | app=system |
"{B408D360-CC99-4C77-AD04-1AC548D686BD}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B5D8C32F-5D33-4CD9-9F5B-34A0E9D4362E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B9F2E412-B514-43A6-942E-C66B2C8D07C3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{C77B314A-6BC2-4720-9FDB-7B74EAC8649C}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D17EB796-4A88-48AA-ADD7-791499A0F2B2}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D50809A1-1C0B-4018-941F-9CE828FE6644}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DAB26B18-E289-46F6-B06F-9FF70B9F1221}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DC68FE0F-A3DE-4059-A6C7-B15DEC967528}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F1DBD7F3-CB25-4859-ABA1-A70E08C1D7C1}" = lport=139 | protocol=6 | dir=in | app=system |
"{F33534E0-6576-404B-B695-E5EF97E2BF1D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2134D3F0-035D-436B-BF17-442D6B11FEBF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{434D5ACF-5A11-46D5-ACA8-E1BDA60A91F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{43ED1EC7-A265-4CDE-95A3-D63D56AA14E2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{491629DE-7BCD-471E-8668-7B8085BD08B4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E671B7D-2877-49D2-B5CA-B8E5619D2DA3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{74DBDC77-4545-4634-B432-791246025037}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{806D51DD-93FF-4FDC-95F4-37EE3BA45812}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{903BD706-9EFF-41A4-92B2-9AECC22CEC05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{912EB071-C6E9-42FE-B1BF-6E6E2130ED6D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92FC1D97-204D-4DD3-8635-1A42993ABEE1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{99F83690-A8F0-42C0-90A3-E2C4F5A52227}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9BAFFB8D-F4CD-4EBF-ADA5-D1CF9D48A6E0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A6CE7143-8120-4834-BD73-3C9A5B1C7862}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE0875CF-83C1-4030-8EF1-32112719D256}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C36608ED-5C2B-4F9B-8CCF-903E0C3DE62B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CFE98295-25BE-4A29-B4AB-369AD878AAD0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{096EB4FC-E110-8426-4295-CE869349527C}" = Catalyst Control Center Localization Turkish
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C7D5C27-49E4-3273-5B83-EE608FFD7FA8}" = Catalyst Control Center Localization Swedish
"{0D37C7F0-2C9B-692C-4657-3A1BDD9F67C8}" = CCC Help French
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{11D9CBD3-17FF-1456-47DA-0817FD09816B}" = CCC Help Spanish
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{18C8C1F6-A36A-A42E-1FB2-D9B3ECF538AD}" = CCC Help Finnish
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{221F76A9-68F0-4658-B296-A87CAED6A726}" = Nitro Reader 2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28F332E8-7A90-512B-E222-67013949139E}" = ccc-utility
"{29A1D086-A174-485A-1577-ED3E98CEB391}" = Catalyst Control Center Localization Polish
"{29DCE677-70BB-A83C-F7B3-D2E5C31748B9}" = CCC Help Russian
"{2A1598E3-4CB4-545A-A824-F7921E31167E}" = Catalyst Control Center Localization Greek
"{32EC3CBE-4A4A-2BB7-2BB6-F5A49902A6EE}" = Skins
"{336DA7E1-35FC-67C7-2A6A-1E048D661B35}" = Catalyst Control Center Localization Dutch
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3BDAD4E1-5A70-E9BF-CA71-05C9DA49040B}" = CCC Help Hungarian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4583D057-A120-6B48-7BCE-FDFC86556C4C}" = Catalyst Control Center Localization Czech
"{484E9C72-90B3-0E72-69FB-02826E25EDF3}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C5D72D0-CDFE-3952-C813-FA2F52FB2C87}" = CCC Help Greek
"{4F5D7C1B-6CB0-F45C-F83E-A1FC98FA2C0B}" = CCC Help Italian
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54E77B08-4375-4584-7363-ECE88A784013}" = Catalyst Control Center Localization German
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5928359F-BF46-4646-BF19-B64E55171EB5}" = FILSHtray
"{5A0D6E4B-B0DF-4148-8B1E-F7A430FF5E24}" = ICQ Sparberater
"{61A55572-0E51-F389-583C-55EBAA4ED575}" = CCC Help Japanese
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66433C66-28B6-7E2B-9B77-66D10E5E055F}" = CCC Help Polish
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6AB9A96D-C554-E68F-FD7A-8991C99AA497}" = Catalyst Control Center Graphics Previews Vista
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6CF61AF4-F808-9114-E34A-72831AC7660E}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EABC0D-94EB-E569-877E-7BC634A67F0D}" = Catalyst Control Center Localization Russian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81042C93-7A00-71BC-51E9-768A6F849DA2}" = CCC Help Czech
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{86520F07-CEA2-5681-39CA-DF844C659E16}" = CCC Help Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D4BD33B-0429-A9D3-B4B8-68D956F8EE95}" = Catalyst Control Center Localization Chinese Traditional
"{8E50189D-A1B3-3929-5D2F-EC405F7C8A3D}" = CCC Help Chinese Standard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D38CCB7-DE05-A447-8651-8231BC2656BC}" = Catalyst Control Center Graphics Full New
"{9D77BA02-5C15-BA02-B338-FA9351D4140D}" = CCC Help Turkish
"{9E18CB28-70FE-F6F6-9ED9-A661FF87C1AB}" = ccc-core-static
"{A5D74142-6C1B-5CE3-0D76-A41504FBDC47}" = CCC Help Danish
"{AA7D6DB6-9D3F-4CB9-31C0-B4794E0D75D5}" = Catalyst Control Center Localization Danish
"{AB75B59E-07C8-084F-5C7F-E3567ABB4248}" = Catalyst Control Center Localization Japanese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AE6370D7-4926-E5C2-705C-9B98B4600C09}" = CCC Help German
"{B1DA213E-4EE2-19F4-277E-81C0E0487076}" = CCC Help Chinese Traditional
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B85A4462-E53C-932E-42EF-2506755EC9A1}" = Catalyst Control Center Localization Thai
"{BDBA9828-200B-43A0-AB4F-82DABEE64F94}_is1" = LPS 2009v 3.0 USB
"{BE426BC1-F401-1E0A-1334-FED883491077}" = Catalyst Control Center InstallProxy
"{BEDB89F5-DF1A-D1E3-A99F-8E64C3BFB934}" = CCC Help Korean
"{BFD373DA-A54D-C040-AD6C-3A1A7FFDA880}" = Catalyst Control Center Localization Italian
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis*True*Image*Home
"{C3E314F1-A53F-D3D7-D7C2-7D0345D6C5D6}" = Catalyst Control Center Graphics Previews Common
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CBCF8E27-A027-CBBD-0F01-58DB1D0E8CF1}" = Catalyst Control Center Localization Chinese Standard
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE560B9B-2991-FE0A-3A78-E053CF94B3DC}" = Catalyst Control Center Localization Norwegian
"{CF5E038B-B6FF-A325-A448-1A02AF57340A}" = CCC Help Portuguese
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D1F23CD0-D2B0-FEA3-E015-2F50BC64B1F4}" = Catalyst Control Center Graphics Full Existing
"{D3224046-1642-9CA4-0908-86EA5F76EBDC}" = Catalyst Control Center Localization Portuguese
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D700ADD4-F389-3EE6-9B9E-2EEFF23B68A2}" = Catalyst Control Center Localization French
"{D7DACC88-5011-78D1-5AB8-8967AC37C190}" = Catalyst Control Center Localization Hungarian
"{DA96BC7A-8208-73CB-CDFB-6B07CC6033D5}" = Catalyst Control Center Localization Finnish
"{DB1384E7-B98E-7482-4FF5-401A8F852D84}" = CCC Help Thai
"{DB891739-2EB3-45A8-9CBD-941C255CECD4}" = ASUS Touch Pad Extra
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E1B05228-9CC4-2702-E106-76D70B4BDDFA}" = Catalyst Control Center Core Implementation
"{E1EC5742-3B54-3E4A-3EEA-DA779ED38FE1}" = CCC Help Norwegian
"{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}" = Catalyst Control Center - Branding
"{E635F30D-FA08-C46B-0BB8-903A1EA04342}" = Catalyst Control Center Graphics Light
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC977620-330D-EC0B-A937-EEFF183AE912}" = CCC Help Dutch
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F596720A-C838-3830-703A-5B3906E277AB}" = Catalyst Control Center Localization Korean
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F99A4B91-B160-B60D-876E-0CF895E15E06}" = Catalyst Control Center Localization Spanish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"DivX Setup" = DivX-Setup
"ENTERPRISER" = Microsoft Office Enterprise 2007
"loadtbs-2.1" = loadtbs-2.1
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 1.1.11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"93b54dbdbb302b0d" = Eichsfeld Gymnasium Duderstadt - VPN
"CNET TechTracker" = CNET TechTracker
"CopyTrans Suite" = Nur Deinstallierung der CopyTrans Suite möglich.
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.07.2012 01:21:54 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: Die Serververbindung konnte
nicht hergestellt werden.
Error - 26.07.2012 01:21:54 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: The server was busy and could
not check for updates.
Error - 26.07.2012 01:21:55 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = result: Scan Failed - General scan failure computer: Nadine-Laptop scanned
on: 25.07.2012 22:19
Error - 26.07.2012 01:55:07 | Computer Name = Nadine-Laptop | Source = EventSystem | ID = 4621
Description =
Error - 26.07.2012 10:38:41 | Computer Name = Nadine-Laptop | Source = WinMgmt | ID = 10
Description =
Error - 26.07.2012 10:38:48 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: Die Serververbindung konnte
nicht hergestellt werden.
Error - 26.07.2012 10:38:48 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = Unable to complete request due to error: The server was busy and could
not check for updates.
Error - 26.07.2012 10:38:50 | Computer Name = Nadine-Laptop | Source = CNET TechTracker | ID = 131074
Description = result: Scan Failed - General scan failure computer: Nadine-Laptop scanned
on: 25.07.2012 22:19
Error - 26.07.2012 11:56:05 | Computer Name = Nadine-Laptop | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung MsMpEng.exe, Version 4.0.1526.0, Zeitstempel
0x4f710236, fehlerhaftes Modul offreg.dll_unloaded, Version 0.0.0.0, Zeitstempel
0x4b70d7bd, Ausnahmecode 0xc0000005, Fehleroffset 0x68175d9a, Prozess-ID 0x4a8,
Anwendungsstartzeit 01cd6b3c1fa011ea.
Error - 26.07.2012 11:59:49 | Computer Name = Nadine-Laptop | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 28.07.2012 13:20:13 | Computer Name = Nadine-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 28.07.2012 um 19:18:10 unerwartet heruntergefahren.
Error - 28.07.2012 13:20:51 | Computer Name = Nadine-Laptop | Source = DCOM | ID = 10005
Description =
Error - 28.07.2012 13:21:00 | Computer Name = Nadine-Laptop | Source = DCOM | ID = 10005
Description =
Error - 28.07.2012 13:21:00 | Computer Name = Nadine-Laptop | Source = DCOM | ID = 10005
Description =
Error - 28.07.2012 13:21:09 | Computer Name = Nadine-Laptop | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =
Error - 28.07.2012 13:21:19 | Computer Name = Nadine-Laptop | Source = DCOM | ID = 10005
Description =
Error - 28.07.2012 13:21:27 | Computer Name = Nadine-Laptop | Source = Service Control Manager | ID = 7001
Description =
Error - 28.07.2012 13:21:27 | Computer Name = Nadine-Laptop | Source = Service Control Manager | ID = 7026
Description =
Error - 28.07.2012 13:30:36 | Computer Name = Nadine-Laptop | Source = DCOM | ID = 10005
Description =
Error - 28.07.2012 13:30:36 | Computer Name = Nadine-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue
Signaturversion: Vorherige Signaturversion: 1.131.740.0 Aktualisierungsquelle: %%859
Aktualisierungsphase:
%%852 Quellpfad: Default URL Signaturtyp: %%800 Aktualisierungstyp: %%803 Benutzer:
NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.8601.0 Fehlercode:
0x8007043c Fehlerbeschreibung: Der Dienst kann nicht im abgesicherten Modus gestartet
werden.
< End of report >
MfG ener90, eine schönen Abend noch. Hallo, die Themenüberschrift müsste eigentlich heißen: "Dieses Programm kann die Webseite nicht anzeigen". Entschuldigt bitte. Ich hoffe ihr könnt mir helfen. MfG ener90 Ihr benötigt sicherlich auch noch die Angabe zu meinem Betriebssystem. Habe Windows Vista Home Premium mit 32-Bit (Ich glaube das heißt so). Geändert von ener90 (28.07.2012 um 20:13 Uhr) |
| Themen zu Diese Webseite kann nicht angezeigt werden / Desktop gesperrt |
| abgesicherten, angezeigt, anhänge, babylon toolbar, babylontoolbar, bildschirm, candy, dateien, desktop, dieses programm kann die webseite nicht anzeigen, fehlermeldung, fenster, gesperrt, gfnexsrv.exe, gmer, install.exe, interne, internet, klicke, modus, netzwerk, nichts, office 2007, opencandy, plug-in, problem, programme, schöne, searchscopes, task-manager, video, webseite, weiße, zugriff, öffnet |
Baum-Darstellung