| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firewall lässt sich nicht einschalten / keinerlei NetzwerkzugriffWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.08.2012, 09:56
| #1 |
| |  Firewall lässt sich nicht einschalten / keinerlei Netzwerkzugriff Hallo so langsam komm ich mit meinem Latein ans Ende... BS: Windows 7 Pro 64bit Fehler: Bekomme seit 3 Tagen keinerlei Zugriff auf das Netzwerk/ die Netzwerkdienste, WLAN Netze werden zwar angezeigt aber mit dem Zusatz "Eingeschränkter Zugriff" mit dem Iphone Netzwerk(Hotspot) lässt sich der PC auch nich verbinden --> kurzum keinerlei Internet verfügbar und die Firewall von MS ist ausgeschaltet und lässt sich nicht mehr einschalten, weder automatisch noch manuell... Virenschutz: AntiVir Premium Firewall: Microsoft (wenn sie denn gehen würde) Drüber laufen hab ich lassen den AntiVir Premium sowie EmsiSoft Antimalware und den Msert Schadsoftware Scanner von Microsoft sowie zu guter Letzt den S&D Spybot und HiJackThis.... Folgender Eintrag wird von HJT noch als schädlich eingestuft: O10 - Broken Internet access because of LSP provider 'd:\programme\vsocklib.dll' missing Das LSPFix läuft net wirklich und habe auch sonst die Meldung nicht wegbekommen... Anbei noch die Scanauswertung mit ODT:OTL Logfile: Code:
ATTFilter OTL logfile created on: 09.08.2012 11:04:43 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\AstaLaVista\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free 15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32 Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32 Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe PRC - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2012.05.14 14:18:25 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe PRC - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.02.01 09:11:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2012.01.04 13:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe PRC - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe PRC - [2010.10.19 15:38:54 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe PRC - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe PRC - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe PRC - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe PRC - [2010.03.08 09:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1286106206\ee\aolsoftware.exe PRC - [2009.12.09 22:12:50 | 001,118,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtWlan.exe PRC - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe PRC - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nisvcloc.exe PRC - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe ========== Modules (No Company Name) ========== MOD - [2012.02.01 09:12:34 | 000,423,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll MOD - [2012.02.01 09:12:32 | 000,058,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll MOD - [2012.02.01 09:12:30 | 000,272,768 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll MOD - [2012.02.01 09:12:30 | 000,095,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll MOD - [2012.02.01 09:12:14 | 000,384,896 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtCore.dll MOD - [2012.02.01 09:12:14 | 000,165,248 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QxtWeb.dll MOD - [2012.02.01 09:12:12 | 010,843,520 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012.02.01 09:12:12 | 002,557,312 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012.02.01 09:12:12 | 000,346,496 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll MOD - [2012.02.01 09:12:08 | 001,294,208 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll MOD - [2012.02.01 09:12:08 | 000,196,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll MOD - [2012.02.01 09:12:06 | 000,919,936 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012.02.01 09:12:06 | 000,682,880 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012.02.01 09:12:06 | 000,517,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012.02.01 09:12:04 | 008,172,928 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll MOD - [2012.02.01 09:12:04 | 002,252,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012.02.01 09:12:02 | 002,288,512 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll MOD - [2012.02.01 09:12:00 | 000,422,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012.02.01 09:11:56 | 000,202,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll MOD - [2012.02.01 09:11:56 | 000,034,688 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll MOD - [2012.02.01 09:11:54 | 000,032,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll MOD - [2012.02.01 09:11:36 | 000,388,480 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\OviShareLib.dll MOD - [2012.02.01 09:11:28 | 000,437,632 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll MOD - [2012.02.01 09:11:18 | 001,037,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Maps Service API.dll MOD - [2012.02.01 09:10:52 | 000,758,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012.01.05 15:19:12 | 000,112,640 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.14 13:23:22 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.08.05 01:23:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.05.14 14:18:25 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2012.05.14 14:18:25 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2012.05.14 14:18:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.14 14:18:25 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.12 14:39:58 | 003,065,120 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.03.01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.02.29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.12.14 13:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.12.14 13:23:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.05.25 22:54:38 | 000,136,616 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010.11.05 10:28:14 | 000,083,248 | ---- | M] (iAnywhere Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe -- (Lexware_Datenbank_Plus) SRV - [2010.09.21 03:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010.09.21 03:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010.09.21 02:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2010.05.17 19:18:44 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.10 11:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService) SRV - [2010.03.10 11:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync) SRV - [2010.03.10 11:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds) SRV - [2009.12.07 13:49:24 | 000,040,960 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\SITECOM\300N USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU) SRV - [2009.10.20 11:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc) SRV - [2009.09.29 13:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.12.17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.14 14:18:25 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.14 14:18:25 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.11.03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011.11.03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011.11.01 10:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011.11.01 10:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011.11.01 10:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011.08.02 18:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.03.18 13:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2011.03.18 13:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.10.20 20:05:18 | 000,014,592 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV:64bit: - [2010.09.21 03:43:06 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010.09.21 03:43:00 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010.09.21 03:41:08 | 000,031,792 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2010.09.21 03:40:56 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010.09.21 02:42:38 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010.09.21 00:18:14 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2010.09.21 00:18:14 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:64bit: - [2010.09.21 00:18:14 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60) DRV:64bit: - [2010.03.09 12:09:32 | 000,676,864 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192su.sys -- (RTL8192su) DRV:64bit: - [2010.01.14 14:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60) DRV:64bit: - [2010.01.14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) DRV:64bit: - [2010.01.14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) DRV:64bit: - [2009.08.24 00:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:64bit: - [2006.11.30 00:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw) DRV - [2012.03.25 21:21:09 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc) DRV - [2012.03.25 21:21:06 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver) DRV - [2011.11.08 22:25:24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011.05.25 22:52:56 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver4.01) DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA) DRV - [2010.09.07 08:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60) DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 54 B1 1A D7 3C CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=19948&mntrId=6483418f000000000000000cf689a74ba74b IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{7B5057B6-7C53-49CE-B86D-B948E4930454}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Picasa3\npPicasa3.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_3.6@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012.04.17 21:39:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.15 23:01:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.16 10:07:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.04.17 21:39:31 | 000,000,000 | ---D | M] [2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions [2012.07.22 16:00:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de [2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions [2011.07.26 13:30:48 | 000,000,000 | ---D | M] (Aardvark) -- C:\Users\AstaLaVista\AppData\Roaming\mozilla\Firefox\Profiles\i5dygax2.default\extensions\aardvark@rob.brown [2012.08.07 12:58:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.06.01 12:19:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.06.05 09:48:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.07.17 09:41:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2012.07.16 10:07:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2008.12.10 15:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll [2010.10.19 19:15:20 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll [2011.12.14 19:07:43 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.07.20 16:09:25 | 000,002,291 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011.12.14 19:07:43 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.12.14 19:07:43 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.12.14 19:07:43 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.12.14 19:07:43 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found. O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1286106206\ee\AOLSoftware.exe (AOL Inc.) O4 - HKLM..\Run: [NI Background Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\niupdate.exe (National Instruments) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Users\AstaLaVista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - DD:\Programme\x64\vsocklib.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - DD:\Programme\x64\vsocklib.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C673113-BB8E-4CF5-9F28-2F0DD534FC88}: DhcpNameServer = 192.168.1.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7B51B878-A5A1-4291-B0E5-15445FF1C9E5}: DhcpNameServer = 10.74.210.210 10.74.210.211 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9BF99A1-D919-42FA-B5F7-93C6180B8D1B}: DhcpNameServer = 192.168.1.1 192.168.2.1 O18:64bit: - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.07.15 21:39:51 | 000,000,122 | R--- | M] () - F:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2010.10.26 21:34:30 | 000,001,813 | ---- | M] () - G:\Automation License Manager.lnk -- [ NTFS ] O32 - Unable to obtain root file information for disk H:\ O32 - AutoRun File - [2009.06.29 10:50:56 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ FAT32 ] O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{9076c8ff-11a3-11e0-afd5-005056c00008}\Shell\AutoRun\command - "" = K:\KODAK_Software_Downloader.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.08.09 11:04:31 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe [2012.08.09 00:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.08.09 00:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.08.09 00:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.08.09 00:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012.08.09 00:10:43 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\backups [2012.08.09 00:02:19 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe [2012.07.24 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler [2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe [2012.07.22 16:00:46 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\AppData\Local\Haufe Mediengruppe [2012.07.21 12:33:58 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815 [2012.07.20 23:32:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Haufe [2012.07.20 23:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haufe [2012.07.20 23:30:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe [2012.07.20 22:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DownloadManager [2012.07.20 20:07:21 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\TAXMAN 2012 [2012.07.17 15:28:11 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\IMG_1073 [2012.07.16 10:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.07.16 10:06:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.07.13 21:01:27 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012) [2012.07.12 19:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2012.07.12 19:47:28 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7 [2012.07.12 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\AstaLaVista\Documents\p1locStarzik [3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.08.09 10:36:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\AstaLaVista\Desktop\OTL.exe [2012.08.09 10:23:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.08.09 09:36:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.08.09 02:00:02 | 000,018,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.08.09 01:52:02 | 2146,000,895 | -HS- | M] () -- C:\hiberfil.sys [2012.08.09 00:51:31 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.08.09 00:23:34 | 000,001,258 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk [2012.08.08 23:58:54 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\AstaLaVista\Desktop\HiJackThis204.exe [2012.08.08 22:43:03 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml [2012.08.08 22:43:03 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2012.08.08 22:41:13 | 000,007,132 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm [2012.08.08 01:09:52 | 001,984,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.08 01:09:52 | 000,833,142 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.08.08 01:09:52 | 000,776,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.08 01:09:52 | 000,202,846 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.08 01:09:52 | 000,169,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.07 00:34:40 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2012.08.07 00:25:53 | 001,730,354 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf [2012.08.05 11:21:24 | 000,026,849 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg [2012.07.25 20:16:37 | 000,382,898 | ---- | M] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip [2012.07.24 10:08:01 | 003,762,774 | ---- | M] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip [2012.07.23 16:12:38 | 001,453,631 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg [2012.07.21 12:33:58 | 000,767,279 | ---- | M] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip [2012.07.21 11:11:50 | 000,019,863 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf [2012.07.21 00:24:33 | 000,002,669 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk [2012.07.20 23:32:38 | 000,002,319 | ---- | M] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk [2012.07.19 20:42:52 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF= [2012.07.19 16:45:13 | 000,012,750 | ---- | M] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf [2012.07.19 13:46:15 | 002,268,071 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg [2012.07.17 15:57:56 | 001,199,146 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg [2012.07.17 15:52:35 | 001,211,176 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg [2012.07.17 15:28:11 | 002,132,203 | ---- | M] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip [2012.07.13 21:01:27 | 000,379,198 | ---- | M] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip [2012.07.12 19:47:15 | 005,294,566 | ---- | M] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip [2012.07.12 13:56:10 | 002,001,415 | ---- | M] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip [3 C:\Users\AstaLaVista\Documents\*.tmp files -> C:\Users\AstaLaVista\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.08.09 00:51:31 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.08.09 00:23:34 | 000,001,258 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Spybot - Search & Destroy.lnk [2012.08.08 22:41:14 | 000,007,132 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Windows-Kompatibilitätsbericht.htm [2012.08.07 00:25:35 | 001,730,354 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Anmeldung_Fortbildungspruefung.pdf [2012.08.05 11:21:24 | 000,026,849 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\6-schuljahr,-schuelerband.jpg [2012.07.24 10:07:15 | 003,762,774 | ---- | C] () -- C:\Users\AstaLaVista\Documents\BriefeanHr.Semmler.zip [2012.07.23 16:12:37 | 001,453,631 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Contract Vertrag Holiday Frankreich001.jpg [2012.07.22 18:26:28 | 000,382,898 | ---- | C] () -- C:\Users\AstaLaVista\Documents\TAXMAN_2012_Dasi.zip [2012.07.21 12:33:49 | 000,767,279 | ---- | C] () -- C:\Users\AstaLaVista\Documents\netbank_giroLoyal_Antrag_und_Rueckumschlag_342815.zip [2012.07.21 11:11:49 | 000,019,863 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IhreRetoure6510214669.pdf [2012.07.20 23:32:38 | 000,002,319 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN Bibliothek 2012.lnk [2012.07.20 23:31:39 | 000,002,669 | ---- | C] () -- C:\Users\Public\Desktop\TAXMAN 2012.lnk [2012.07.19 20:42:51 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\=windows-1250QBank=E4nderung=2EPDF= [2012.07.19 16:45:13 | 000,012,750 | ---- | C] () -- C:\Users\AstaLaVista\Documents\Kennwort.pdf [2012.07.19 13:45:57 | 002,268,071 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\diego001.jpg [2012.07.17 15:57:55 | 001,199,146 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung002.jpg [2012.07.17 15:52:35 | 001,211,176 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Pattex Conrad rechnung001.jpg [2012.07.17 15:27:49 | 002,132,203 | ---- | C] () -- C:\Users\AstaLaVista\Documents\IMG_1073.zip [2012.07.13 21:01:22 | 000,379,198 | ---- | C] () -- C:\Users\AstaLaVista\Documents\(BestätigungHerrSemmler14.-15.07.2012).zip [2012.07.12 19:47:14 | 005,294,566 | ---- | C] () -- C:\Users\AstaLaVista\Desktop\Asmedia_USB3_V11430_XPVistaWin7.zip [2012.07.12 13:55:49 | 002,001,415 | ---- | C] () -- C:\Users\AstaLaVista\Documents\p1locStarzik.zip [2012.06.16 20:43:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll [2012.06.16 20:43:00 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012.06.16 20:41:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.06.16 20:41:48 | 000,032,497 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012.06.16 15:09:23 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012.06.16 15:09:23 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2012.04.14 23:10:28 | 000,003,997 | ---- | C] () -- C:\Windows\scad3.INI [2012.02.29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.02.27 10:41:52 | 000,202,240 | ---- | C] () -- C:\Windows\SysWow64\LXPrnUtil10.dll [2012.02.27 10:40:44 | 000,304,128 | ---- | C] () -- C:\Windows\SysWow64\LxDNT100.dll [2012.02.27 10:38:36 | 000,133,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvmc100.dll [2012.02.27 10:38:18 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\LxDNTvm100.dll [2011.12.05 21:54:43 | 000,001,125 | ---- | C] () -- C:\Users\AstaLaVista\Dokumente - Verknüpfung.lnk [2011.11.10 23:06:31 | 000,000,017 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\resmon.resmoncfg [2011.09.03 13:19:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.08.09 12:48:39 | 000,000,153 | ---- | C] () -- C:\Windows\ODBC.INI [2011.08.05 23:17:56 | 000,009,216 | ---- | C] () -- C:\Users\AstaLaVista\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.13 10:03:16 | 000,303,104 | ---- | C] () -- C:\Windows\SysWow64\dnt27VC8.dll [2011.05.13 10:01:22 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\dntvmc27VC8.dll [2011.05.13 10:01:00 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dntvm27VC8.dll [2010.10.13 20:58:31 | 001,961,340 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.03 23:46:25 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.10.03 23:46:25 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT [2010.10.03 13:19:08 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat [2010.10.03 13:07:44 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe ========== LOP Check ========== [2012.02.07 22:09:32 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Arduino [2012.02.01 09:25:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ashampoo [2012.04.26 23:47:58 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Asxany [2011.10.09 20:30:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\CadSoft [2011.01.11 01:12:33 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Dev-Cpp [2011.11.02 18:45:18 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\DVSE GmbH [2011.10.09 12:02:29 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\EPSON [2012.02.22 17:59:11 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Fritzing [2011.01.08 14:38:25 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\GetRightToGo [2012.07.22 16:00:46 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Haufe Mediengruppe [2012.04.15 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\HeidiSQL [2012.04.14 21:20:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ibf [2011.02.27 16:05:02 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\ImgBurn [2010.10.10 01:23:01 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Leadertech [2011.04.24 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LEGO Media [2011.08.09 17:13:59 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Lexware [2012.04.14 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\LTC [2012.01.15 19:51:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\National Instruments [2012.04.18 08:29:10 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia [2011.09.23 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Nokia Ovi Suite [2010.10.03 14:29:08 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\OpenOffice.org [2010.10.03 13:53:50 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Opera [2011.10.31 09:47:13 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Origin [2012.04.27 15:03:22 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Oxota [2011.09.23 19:59:54 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\PC Suite [2010.12.27 13:49:19 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Skinux [2011.11.25 00:04:35 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\TuneUp Software [2012.03.23 21:52:21 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Ucoz [2011.10.19 20:28:42 | 000,000,000 | ---D | M] -- C:\Users\AstaLaVista\AppData\Roaming\Vocup [2012.07.04 18:29:42 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:8FEEB0BF75CBDF76 < End of report > EXTRA.txt.OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 09.08.2012 11:04:43 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\AstaLaVista\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,24 Gb Available Physical Memory | 78,01% Memory free
15,99 Gb Paging File | 13,46 Gb Available in Paging File | 84,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 189,19 Gb Total Space | 118,93 Gb Free Space | 62,87% Space Free | Partition Type: NTFS
Drive D: | 52,92 Gb Total Space | 19,17 Gb Free Space | 36,24% Space Free | Partition Type: NTFS
Drive E: | 21,61 Gb Total Space | 6,14 Gb Free Space | 28,41% Space Free | Partition Type: NTFS
Drive F: | 2,97 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 5,30 Gb Total Space | 0,90 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive H: | 15,03 Gb Total Space | 3,31 Gb Free Space | 22,03% Space Free | Partition Type: FAT32
Drive M: | 141,19 Gb Total Space | 38,24 Gb Free Space | 27,09% Space Free | Partition Type: FAT32
Computer Name: ASTALAVISTA-PC | User Name: AstaLaVista | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121B05EA-49C6-4967-9F3D-A524738EF466}" = rport=445 | protocol=6 | dir=out | app=system |
"{14FEF1B3-2D9B-448F-A41E-6AFF62B59048}" = rport=10243 | protocol=6 | dir=out | app=system |
"{181691D7-5AE6-46FE-BF0E-C43FB7B71441}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1874E7EA-1607-4B25-850E-6ECD0CD5DAC0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1DD3EC0F-BD8A-4A6F-BC57-C21EF8B3879F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3624DAE8-FF37-4C7D-82EA-648FA0DBC2F9}" = lport=137 | protocol=17 | dir=in | app=system |
"{391362B2-1F70-42FA-9440-5A2812469572}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A62F956-BC36-49FC-9064-161D7189F800}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D06744D-A4B9-4E75-8684-2E2BA85A485E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3F5859A5-C564-4FE2-B357-A2DC48921FB1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{45087C81-A404-48D8-9B40-92F45F9C99E0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{460D1B51-F99C-4FDA-B1B8-E20D95C3547F}" = lport=138 | protocol=17 | dir=in | app=system |
"{4FB320D4-B274-49A6-A559-B19C64E7A161}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5566E58E-3914-4B01-8EA3-5C1AE5F91CB8}" = rport=139 | protocol=6 | dir=out | app=system |
"{566E0AE6-8CF8-47C0-83FF-D18781E6A559}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5CD6E2F9-5B8F-4ACA-889D-BA6531BAD955}" = lport=2869 | protocol=6 | dir=in | app=system |
"{65434C8C-A0F2-4217-ADEE-1557F16DC364}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66EC20EF-A4CC-439C-8EB9-BD49590C0ADB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A382021-9F2A-47A1-A9BD-B635D4072249}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6BFE4453-C2A1-41D0-AC9E-5CBCCEE2B967}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{6D4A4710-6CD4-45CB-9614-D864D57F7A82}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{75C91A0F-0134-4583-9CE9-FC92E879E9DA}" = lport=445 | protocol=6 | dir=in | app=system |
"{92AD8858-CFED-4329-9D36-9799755982BD}" = lport=139 | protocol=6 | dir=in | app=system |
"{9A08DFCC-E54B-408D-91C5-636A139C08C8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AE21704A-4429-4FCF-9139-6E5F8061ACF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF15764C-8F60-403C-B3AB-9CD30860EC3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BCC15698-6158-48C5-86C6-11C99129E656}" = rport=138 | protocol=17 | dir=out | app=system |
"{C380B045-5C9C-42BD-8C09-711DB5C1DE74}" = rport=137 | protocol=17 | dir=out | app=system |
"{C8E45625-3429-4CEC-9AC0-582CEB84AB32}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E2C7DA95-B005-4AE4-9932-732E6337FDEF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E76BBDB2-D13F-4EC6-83D5-52A984DFBF02}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E92B02F8-1840-4FBA-92B5-6836D1C68476}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED174098-656E-47BA-9815-B61E8EEE2688}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC4C24A8-F4D3-4A3F-AB14-90BABC935DF0}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0687B906-F5EF-4BED-AA23-C191D1CB5345}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{08618EC7-5913-4E8D-A940-B5C95D29723B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{086F28B8-BCE6-4E90-8555-4A53CC746BF8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{0D31A316-1819-4EBF-96ED-F919DA36D06B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1073BFDF-C7BB-410F-B430-8AD4D60E5FF8}" = protocol=6 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe |
"{12F4EB3F-D8C7-4F98-81F9-95CC09C87F50}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17D818A1-C257-4267-B7DD-377B0D275634}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{199B1715-D112-4EEA-9C58-3D30472B1FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{1D4AE342-80D3-42E4-B858-595B7283FF8C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{213C0F9F-4976-4F42-9466-3FE092781E7E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{22689738-C5B8-4E85-96F1-FD530363F8BD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{23818030-1F55-47CE-8851-009D176D0961}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{324936A8-429B-497D-B357-15FD677ADAA2}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{352460CD-B631-421E-A098-923643EFB503}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C9BD508-E308-4FBB-B73F-51D95BB5A569}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40A7E5FF-0FA6-4D9D-BBE8-19DCFE2CA1EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50445194-3CDE-4039-A336-0A4DF083F2D7}" = protocol=6 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{51C25E29-4B84-4024-B9DF-DA08BDFA557D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{51F13C9F-246A-4D72-AACB-EF49E44E0929}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{550F4015-14E7-425E-844E-79DAD94BF9B3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{56F96A08-B9DA-4A2B-8163-A440E36E68A5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{593928AD-9700-4AC4-A4BC-B6E217B0CA40}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{6131ACA1-A7AA-4DB5-B5B1-3FB5DD6003D2}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{68D741D2-2331-48F1-A053-79C7BD5693F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6BEEA514-F9F6-4932-BB5A-D5AD0965DFB9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{70A070B5-FB5C-4CE2-A289-3686835362FC}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{74183B9C-A223-4CA3-AA47-B2DBDA3080A9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{76A036E9-D3AE-4415-9D5B-5F719DCF277E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C1C97BB-6027-4030-BBF3-6CD581DB7A6D}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{81E20C74-D38D-4899-AD64-04E92961BFA7}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{82835B4E-ACEF-42EA-B597-DC847FF8ED20}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{85F9DAF0-D1AF-46ED-AEAC-62CF20433928}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{92B897D7-9F1A-4879-BA54-8DC864394B16}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{93F57C00-4E0B-42CF-B0BC-4F771ED2DDC0}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{A02F53C5-279C-42B7-BF58-9FCE52A8A50A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A252C970-ED17-44CB-94D4-5610EFB8C24C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{A3D152DE-8EFD-43D0-BA2E-A1F21FF148D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A64323F6-E23F-48A4-9E98-784969D28237}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AB90F3DD-5CAA-4B53-B84B-17F6E3921693}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AC59179E-A039-4E17-B3D8-9B3ADBA74C46}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{AF65953B-55E8-403B-BBE6-DC21022E522B}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{B8097C66-BCA2-4B2D-8D92-2D417D0E5A82}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B84C5A9D-42E7-422F-8D8E-ABC8B81B16E2}" = protocol=17 | dir=in | app=c:\program files (x86)\sitecom\300n usb wireless lan utility\rtwlan.exe |
"{BCF82093-781B-44A5-8D27-BC09047751B7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C5A59AB2-CCB4-4E92-A755-312A9148A2E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C8B46F28-0DFF-426E-A407-3C0E9CD00FFC}" = protocol=17 | dir=in | app=c:\program files (x86)\sybase\sql anywhere 9\win32\dbsrv9.exe |
"{C96B7694-73F5-4D27-BE7A-1B12AAB47D61}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAED408A-4C77-44A0-B3D3-3183084F1725}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1286106206\ee\aolsoftware.exe |
"{CBED26BD-4878-4BBF-9274-1506C9B94A95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D06D02E5-AFAF-4974-90F6-5731DA6BE7C2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D17B905D-F362-4C53-B5F2-6E529146259F}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{D6AB1DAC-B40C-406F-8371-C840344CF0E5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{D6B63EE3-6CCF-41B6-83B6-96DE0423CA5B}" = protocol=6 | dir=out | app=system |
"{E8FE35AE-A843-4F8F-986C-7C9D46DA871D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{EEE758CD-C96D-4DE2-8990-5780BD46724F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F01121A6-AB7A-4174-A5DC-DBEC894CB93D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F40A0307-E4A1-4AA2-A624-232C557DA5D9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F507F49F-1498-4417-AE63-1CAA2A933B42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7AF57F2-F511-417C-8D3F-8D02D7575349}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD8D08EB-BA43-4ED1-92E3-5C242C7AC5DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FDA0250C-43C9-4494-8AAE-363DAB8B6F8C}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"TCP Query User{3E973B62-F048-4FCF-B46C-B0015C1A22A4}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=6 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe |
"UDP Query User{7438D975-F806-45BB-9B0B-DE18A23FB3FB}C:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe" = protocol=17 | dir=in | app=c:\users\astalavista\downloads\kicad-20120121-r3372-windows\eeschema.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21903252-3854-48D6-8F0C-F648CFA818C9}" = NI Help Assistant (64bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{3DD68F17-2C5D-49AC-9280-13C90FE19B71}" = NI Logos64 5.1.3
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4EBBC187-6988-4B10-A846-E1DBD2AD2B8D}" = NI Math Kernel Libraries (64-bit)
"{52167B0C-FB5D-43E7-BEC5-24EE6BEE2BA0}" = DVSE Updater
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62140B07-129A-2BD0-81D2-2A1A7408ADC8}" = ATI Catalyst Install Manager
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{945CF655-4A32-4667-B085-70A9D53C5A86}" = NI VC2008MSMs x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B092C4EE-F80B-48DD-B57D-C42B66543BE0}" = NI VC2005MSMs x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C342A5D7-9D75-4D37-879A-BAA68D168670}" = NI Logos64 XT Support
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CA7DAF6F-D5F4-46FD-A824-7E0B472C3211}" = NI USI 1.7.0 64-Bit
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CCC79B52-19CF-4A50-BE60-AEE3DE96B3EA}" = NI Web Pipeline 2.0.1 64-bit support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D8C0E5E1-3B66-465D-8F9B-F591F5CDA726}" = NI Trace Engine (64-bit)
"{E63A64BC-6458-432B-A5FA-A61BFD34EA6E}" = NI TDMS (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0197D136-598D-4968-BEEA-91C1B764F05D}" = Lexware buchhalter 2012
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (JTLWAWI)
"{02B6E651-686D-4BCD-8A93-C07B01761745}" = NI Logos 5.1.3
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0FD812C9-3BBE-4CC5-A43C-B7304E3EC581}" = NI Web Pipeline 2.0.1
"{1923679F-C14B-4790-BC54-EFA3FCDE147B}" = Lexware Elster
"{1D081AB0-B1CC-11E0-80C0-005056B12123}" = Haufe iDesk-Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200927E3-5E45-493A-9343-508613BC59CE}" = NI LabVIEW Web Services Runtime
"{213B996A-A55B-4F9F-B897-2F8C4397EF97}" = WinFunktion Mathematik + 16
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2DBC8A34-0646-4F3D-B005-414E317FB281}" = NI Circuit Design Suite 11.0.2 Edu Licenses
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFCCA65-E775-4636-8274-B382F72F6D24}" = Cadence Allegro Free Physical Viewers 16.5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{37BC8FCE-15B1-456E-A62C-EEB175B71340}" = Lexware reisekosten plus 2011
"{3A05B900-A3E7-11DE-A9B7-005056806466}" = Google Earth
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{41A0986C-CED7-4C93-AFF2-DC8566253B7B}" = NI MetaSuite Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4FFBBF14-D82E-483D-8C1D-FCECAABD399E}" = NI LabWindows/CVI 9.0.1 Run-Time Engine
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{57B77060-04B4-468E-89A9-F68EEE466F57}" = NI USI 1.7.0
"{5C0BBD9F-2D3F-4093-AD7B-3F7377E0EDCA}" = NI LabVIEW Real-Time NBFifo
"{5DC29616-B2BD-4E55-BDA1-AA81D30F83D5}" = LTpowerPlay
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{604D1BD4-7EE3-4704-8D53-0675FA94AE57}" = NI MDF Support
"{63E19B33-DD24-4EAB-9E77-6735C2171CE4}" = NI VC2005MSMs x86
"{644DAD90-2083-4871-BD49-721BF8FAE295}" = NI LabVIEW Run-Time Engine 8.6.1
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65246CE4-17F2-4896-8828-696086BED5F6}" = NI TDMS
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C520D64-E109-4A73-82A3-7808592051BC}" = NI Circuit Design Suite 11.0.2 Core
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7ACFB216-29F7-4331-A5ED-2563AEB51F21}" = NI Trace Engine
"{7BE5AA0C-E564-430F-B297-2B01121A1C5A}" = NI LabVIEW Real-Time NBFifo
"{7CD0F3A4-AA2F-4F6E-84F4-BFC2905D4BA3}" = NI EULA Depot
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B05C597-5509-47C6-87B8-461E1BB6AF5C}" = NI LabVIEW Run-Time Engine 2009
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C049499-055C-4a0c-A916-1D8CA1FF45EB}" = Sitecom 300N USB Wireless LAN Driver and Utility
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3752527-E9F5-4EE5-9A09-D6582AFE1D35}" = NI Circuit Design Suite 11.0.2 Education
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{ABD79E99-F9E3-413B-8D18-11070754355F}" = NI Math Kernel Libraries
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B10F8C17-3DB8-4093-92F6-9F85C263D51A}" = NI LabVIEW Run-Time Engine Interop 2009
"{B226F936-42E3-402E-8CF8-C1D92F255A17}" = NI Uninstaller
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BE95841B-D741-4B72-B79B-1EC61240F10E}" = NI Service Locator
"{C0FF3C38-FC96-4575-8A7B-89DDA3F9C79D}" = NI-Update-Dienst 1.1
"{C1C50448-C067-454A-80B2-334ECAC8F414}" = Lexware Admintools Plus
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF55EAB-5A2F-4A95-99D4-EF3E585F03FD}" = NI Logos XT Support
"{D34A78EB-78F2-48ab-8CAE-5D4DC255A491}" = Lexware reisekosten plus 2011
"{D361B9E5-E918-48CB-BEC3-8E44A5F6E624}" = NI LabVIEW 2009 SP1 Run-Time Engine Web Services
"{D581FB60-4827-4AB0-9BF0-A1159C1D0579}" = NI License Manager
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}" = AMD OverDrive
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DAF15921-FA90-4427-82A2-1852A9BAC99A}" = Lexware Datenbank plus 2011
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{DF344785-0900-471E-B9F5-6F28C89AF638}" = TAXMAN Bibliothek 2012
"{E37CCD6C-56C1-43C7-B2FA-24A32B6B09F7}" = NI Example Finder 9.0
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8BF669-EFEA-40D9-8894-9074E407FC07}" = NI VC2008MSMs x86
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11F2CA2-F45F-4CC2-8962-28A0F5DC625A}" = NI-Update-Dienst 1.1 Full
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012
"{FE24BCDF-9231-450D-AA08-D3550B81EE41}" = NI LabVIEW Web Server for Run-Time Engine
"{FEFA778A-05D2-4D0F-80A3-7AE24B8161C0}" = NI LabVIEW Web Server for Run-Time Engine
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"bhv Schule total 2008/09 Starter" = bhv Schule total 2008/09 Starter
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"EAGLE 6.1.0" = EAGLE 6.1.0
"ELECTRA_is1" = ELECTRA 2.8
"EPSON Scanner" = EPSON Scan
"Flugzeuge bauen mit Willy Werkel_is1" = Flugzeuge bauen mit Willy Werkel
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"HeidiSQL_is1" = HeidiSQL 7.0.0.4053
"Kalo24 - der Freeware-Kaloreinexperte" = Kalo24 - der Freeware-Kaloreinexperte 1.0.0.0
"LTspice IV" = LTspice IV
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"NI Uninstaller" = Software von National Instruments
"nLite_is1" = nLite 1.4.9.1
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.01.1532" = Opera 12.01
"Origin" = Origin
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"Target 3001! V15 discover" = Target 3001! V15 discover
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"ViewpointMediaPlayer" = Viewpoint Media Player
"VMware_Player" = VMware Player
"Vocup_is1" = Vocup 1.4.3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+" = FIFA 11 Hybrid Gameplay Patch 3.0.4 AUTO INSTALL by Doctor+
"FoxTab PDF Converter" = FoxTab PDF Converter
"WinSetupFromUSB" = WinSetupFromUSB
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08.08.2012 20:23:26 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10015
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11013
Error - 08.08.2012 20:23:27 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11013
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12012
Error - 08.08.2012 20:23:28 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12012
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13010
Error - 08.08.2012 20:23:29 | Computer Name = AstaLaVista-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13010
[ System Events ]
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:32 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:35 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:38 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:41 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
Error - 09.08.2012 05:10:44 | Computer Name = AstaLaVista-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "NLA (Network Location Awareness)" wurde mit folgendem
dienstspezifischem Fehler beendet: %%-1073741288.
< End of report >
keiner ne idee? ist es überhaupt ein Virus? Geändert von Dr.Dietz (09.08.2012 um 10:16 Uhr) |
|
15.08.2012, 15:43
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firewall lässt sich nicht einschalten / keinerlei NetzwerkzugriffZitat:
Das ist nicht rein zufällig ein Büro-PC bzw hauptsächlich gewerblich genutzter Rechner um den es hier geht?
__________________ |
|
| Themen zu Firewall lässt sich nicht einschalten / keinerlei Netzwerkzugriff |
| 7-zip, access, angezeigt, antimalware, antivir, automatisch, document, eingeschränkter zugriff, emsisoft, firewall, gameplay, google earth, guter, hijack, hotspot, install.exe, interne, internet, langsam, meldung, microsoft, national, netzwerkzugriff, nicht mehr, nvidia update, plug-in, programme, safer networking, scan, scanner, schutz, spybot, usb 3.0, verfügbar, visual studio, windows, windows 7, wirklich, wlan, wrapper, zugriff |
Linear-Darstellung
