| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "ihavenet-Problem" bei Google-Suche im Mozilla Firefox unter Windows Vista 32bitWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.12.2012, 22:37
| #1 |
| |  "ihavenet-Problem" bei Google-Suche im Mozilla Firefox unter Windows Vista 32bit Hallo liebes Trojaner-Board-Team, zunächst einmal vielen Dank, dass man hier die Chance auf Hilfe bekommt! Das Problem: Eine Verwandte hat seit gestern bei der Google-Suche im Firefox das oft geschilderte "ihavenet"-Problem. Auf dem Weg zur Lösung: Ich habe hier diverse Threads dazu gelesen und bemerkt, dass viele damit beginnen, ihre OTL-Logfiles zu posten, statt Logfiles anderer Scanner wie Malwarebytes. Da dies nicht beanstandet wurde, beginne ich deshalb auch gleich so, in der Hoffnung, dass dies richtig ist. Vielen Dank schon mal für Rückmeldungen und viele Grüße, Martin Inhalt der OTL.txt: Code:
ATTFilter OTL logfile created on: 14.12.2012 21:43:51 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mechthild\Documents\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 60,51% Memory free 3,74 Gb Paging File | 2,82 Gb Available in Paging File | 75,49% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 141,04 Gb Total Space | 60,21 Gb Free Space | 42,69% Space Free | Partition Type: NTFS Computer Name: MECHTHILD-PC | User Name: Mechthild | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.14 20:31:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mechthild\Documents\Downloads\OTL.exe PRC - [2012.12.11 18:12:00 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.12.11 18:11:46 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.12.11 18:11:46 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.12.11 18:11:44 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.12.11 18:11:44 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.11.18 22:05:30 | 000,168,864 | ---- | M] () -- C:\Programme\HTC\HTC Sync Manager\HTC Sync\adb.exe PRC - [2012.11.08 17:31:21 | 000,997,320 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe PRC - [2012.11.08 17:31:21 | 000,711,112 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012.10.26 16:17:52 | 000,087,368 | ---- | M] (Nero AG) -- C:\Programme\HTC\HTC Sync Manager\HSMServiceEntry.exe PRC - [2012.10.19 01:26:06 | 001,573,584 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2012.10.08 16:40:38 | 000,166,912 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.06.13 15:53:48 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Programme\Evernote\Evernote\EvernoteClipper.exe PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.04.07 08:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Epson Software\Event Manager\EEventManager.exe PRC - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2006.11.15 15:50:16 | 000,118,870 | ---- | M] () -- c:\Programme\Powercinema\Kernel\TV\CLSched.exe PRC - [2006.11.15 15:50:14 | 000,274,520 | ---- | M] () -- c:\Programme\Powercinema\Kernel\TV\CLCapSvc.exe PRC - [2006.11.09 10:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2004.01.12 19:40:24 | 000,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe PRC - [2003.11.19 12:03:40 | 000,045,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe PRC - [2000.07.21 23:55:54 | 000,028,739 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Microsoft Works\WkDetect.exe ========== Modules (No Company Name) ========== MOD - [2012.11.18 22:05:30 | 000,168,864 | ---- | M] () -- C:\Programme\HTC\HTC Sync Manager\HTC Sync\adb.exe MOD - [2012.11.08 17:31:21 | 000,997,320 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe MOD - [2012.11.08 17:31:21 | 000,566,728 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll MOD - [2012.11.08 17:31:21 | 000,134,600 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll MOD - [2012.03.16 14:42:58 | 000,315,392 | ---- | M] () -- C:\Programme\Evernote\Evernote\libtidy.dll MOD - [2012.03.16 14:42:56 | 000,433,664 | ---- | M] () -- C:\Programme\Evernote\Evernote\libxml2.dll MOD - [2009.03.12 14:45:32 | 000,135,168 | ---- | M] () -- C:\Programme\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll MOD - [2008.11.21 12:58:42 | 000,057,344 | ---- | M] () -- C:\Programme\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll MOD - [2006.11.08 12:05:50 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2004.02.06 15:36:34 | 000,024,576 | ---- | M] () -- C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\CalRemiRC.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08) SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler) SRV - [2012.12.12 13:45:58 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.11 18:12:00 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.12.11 18:11:46 | 000,565,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.12.11 18:11:44 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.12.08 16:40:03 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.08 17:31:21 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012.10.26 16:17:52 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\HTC\HTC Sync Manager\HSMServiceEntry.exe -- (HTCMonitorService) SRV - [2012.10.08 16:40:38 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2006.11.15 15:50:16 | 000,118,870 | ---- | M] () [Auto | Running] -- c:\Programme\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) SRV - [2006.11.15 15:50:14 | 000,274,520 | ---- | M] () [Auto | Running] -- c:\Programme\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012.12.11 18:12:04 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.12.11 18:12:04 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.11.13 14:10:06 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.11.08 17:31:21 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.06.23 09:23:46 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot) DRV - [2009.01.10 13:57:36 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV08.sys -- (ACEDRV08) DRV - [2006.11.08 12:15:04 | 002,071,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006.11.02 08:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006.11.01 21:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) DRV - [2001.11.08 09:53:54 | 000,018,120 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gt680x.sys -- (GT680x) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80012 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80012 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {C04B7D22-5AEC-4561-8F49-27F6269208F6} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = hxxp://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60438 IE - HKCU\..\SearchScopes\{3A38DAA6-69F1-40E4-ADB5-C1055A1A3112}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^VK^DE&apn_uid=1167f9ae-176a-4934-a1a6-7dbefd0ec75c&apn_sauid=383DA204-8E6D-4260-8698-D81D8B05CF4C IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://localhost:4664/search&s=S_l9-FO8L9UrLfzpyZueTaFxy90?q={searchTerms} IE - HKCU\..\SearchScopes\{727367C1-DF73-4F03-BBD3-846C01A69513}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={E524972B-5B3C-4904-8C90-08D108E7743F}&mid=18eeadf1451f47d1806e0fc625a99a3a-158c45bb8828580e4f4fbc30e683841be92ee952&lang=de&ds=tt015&pr=sa&d=2012-02-09 11:00:07&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80012 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 16:40:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.08 16:39:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.06 14:02:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.06 14:02:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.08 16:40:04 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.08 16:39:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.06 14:02:40 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.12.06 14:02:43 | 000,000,000 | ---D | M] [2012.12.08 16:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.08 16:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2012.12.08 16:39:35 | 000,000,000 | ---D | M] (GMX Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@gmx.net [2012.12.08 16:40:04 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.06.20 17:24:34 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.08 17:31:26 | 000,003,574 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2009.07.26 18:23:06 | 000,002,194 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.11.07 18:54:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml [2012.06.20 17:24:34 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.20 17:24:34 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.20 17:24:34 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.20 17:24:34 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google () CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Ulead Photo Express 5 SE Calendar Checker] C:\Programme\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [EPSON SX510W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [gsbjitpnec] C:\Users\Mechthild\AppData\Roaming\KB160.dll () O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe (Microsoft® Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Mechthild\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Common Files\microsoft shared\Reference 2001\EROProj.dll () O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA758C19-CC8C-40E7-93FE-A2290A9652C0}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msencarta {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Programme\Common Files\microsoft shared\Reference 2001\MSREF.DLL () O18 - Protocol\Handler\msero {B0D92A71-886B-453B-A649-1B91F93801E7} - C:\Programme\Common Files\microsoft shared\Reference 2001\msero.dll () O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\msref {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\Programme\Common Files\microsoft shared\Reference 2001\MSREF.DLL () O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll () O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Mechthild\Eigene Bilder\Digitalkamera Pentax\Sept.Okt. 2012\103_0210\IMGP0003.JPG O24 - Desktop BackupWallPaper: C:\Users\Mechthild\Eigene Bilder\Digitalkamera Pentax\Sept.Okt. 2012\103_0210\IMGP0003.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{99fee1ce-c901-11e1-aef2-fa6690f9baca}\Shell - "" = AutoRun O33 - MountPoints2\{99fee1ce-c901-11e1-aef2-fa6690f9baca}\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe O33 - MountPoints2\{99fee1eb-c901-11e1-aef2-fa6690f9baca}\Shell - "" = AutoRun O33 - MountPoints2\{99fee1eb-c901-11e1-aef2-fa6690f9baca}\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.12.14 21:28:50 | 000,000,000 | ---D | C] -- C:\Users\Mechthild\Desktop\ihavenet-problem [2012.12.14 21:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.12.14 21:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.14 21:06:19 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.14 21:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.12.10 19:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012.12.10 18:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications [2012.12.08 16:39:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.12.06 14:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012.11.27 17:40:01 | 000,000,000 | ---D | C] -- C:\NwDocx [2012.11.27 17:40:01 | 000,000,000 | ---D | C] -- \NwDocx [2012.11.27 17:38:58 | 000,000,000 | ---D | C] -- C:\Docx2Rtf [2012.11.27 17:38:58 | 000,000,000 | ---D | C] -- \Docx2Rtf [2007.05.18 10:51:04 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files\Common Files\keyhelp.ocx [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.12.14 21:50:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.12.14 21:45:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.14 21:36:51 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012.12.14 21:36:47 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.14 21:36:47 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.14 21:36:44 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.14 21:36:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.14 21:36:21 | 1878,384,640 | -HS- | M] () -- C:\hiberfil.sys [2012.12.14 21:06:23 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.12.14 20:30:15 | 000,000,000 | ---- | M] () -- C:\Users\Mechthild\defogger_reenable [2012.12.14 20:00:00 | 000,000,532 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Vollständige Systemprüfung ausführen - Mechthild.job [2012.12.14 19:58:01 | 000,000,248 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job [2012.12.14 00:20:56 | 000,628,210 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.12.14 00:20:56 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.12.14 00:20:56 | 000,126,850 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.12.14 00:20:56 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.12 20:58:42 | 000,430,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.12.11 18:12:04 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.12.11 18:12:04 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.12.10 19:21:10 | 000,002,025 | ---- | M] () -- C:\Users\Mechthild\Desktop\HTC Sync Manager.lnk [2012.11.27 18:12:04 | 000,000,849 | ---- | M] () -- C:\Users\Mechthild\Desktop\Docx2Rtf.exe - Verknüpfung.lnk [2012.11.26 16:18:11 | 000,000,647 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata Zahlungserinnerung.lnk [2012.11.26 16:18:11 | 000,000,545 | ---- | M] () -- C:\Users\Public\Desktop\windata 8.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.12.14 21:06:23 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.12.14 20:30:15 | 000,000,000 | ---- | C] () -- C:\Users\Mechthild\defogger_reenable [2012.12.10 19:21:10 | 000,002,025 | ---- | C] () -- C:\Users\Mechthild\Desktop\HTC Sync Manager.lnk [2012.11.27 18:12:04 | 000,000,849 | ---- | C] () -- C:\Users\Mechthild\Desktop\Docx2Rtf.exe - Verknüpfung.lnk [2012.11.26 16:18:11 | 000,000,647 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata Zahlungserinnerung.lnk [2012.11.26 16:18:11 | 000,000,545 | ---- | C] () -- C:\Users\Public\Desktop\windata 8.lnk [2012.09.11 00:03:19 | 000,000,967 | ---- | C] () -- C:\Users\Mechthild\Bildbestellung.html [2012.06.14 22:22:08 | 000,000,016 | -H-- | C] () -- C:\Users\Mechthild\SyncToy_21df9e93-f96f-4bc1-9398-4cdf9501b917.dat [2011.03.31 18:46:04 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2011.03.31 18:46:04 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2011.03.31 18:46:04 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2011.03.31 18:46:04 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2011.03.31 18:46:04 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2011.03.31 18:46:04 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2011.03.31 18:46:04 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2011.03.31 18:46:04 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2011.03.31 18:46:04 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2011.03.31 18:46:04 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2011.03.31 18:46:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2011.03.31 18:46:04 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2011.03.31 18:46:04 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2011.03.31 18:46:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2011.03.31 18:46:04 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2011.03.31 18:46:04 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2011.03.31 18:46:04 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2011.03.31 18:46:04 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2011.03.31 18:46:04 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010.04.26 14:30:01 | 000,010,263 | ---- | C] () -- C:\Users\Mechthild\Martin Hunstein Ski-Service_Ma19Hu50_elster_2048.pfx [2009.10.01 20:32:34 | 1878,384,640 | -HS- | C] () -- \hiberfil.sys [2009.09.03 14:00:50 | 003,193,344 | ---- | C] () -- C:\Program Files\Common FilesDDBACSetup.msi [2009.06.03 15:28:43 | 000,000,016 | -H-- | C] () -- C:\Users\Mechthild\SyncToy_cf19573e-728d-47eb-8e50-2257478acf23.dat [2009.06.03 13:47:11 | 001,789,952 | ---- | C] () -- C:\Users\Mechthild\AppData\Local\filesync.metadata [2007.12.27 22:51:02 | 000,234,496 | ---- | C] () -- \VC_RED.MSI [2007.12.27 22:48:06 | 001,442,522 | ---- | C] () -- \VC_RED.cab [2007.12.27 22:37:08 | 000,096,272 | ---- | C] () -- \install.res.1031.dll [2007.12.27 22:24:20 | 000,000,843 | ---- | C] () -- \install.ini [2007.12.27 22:24:08 | 000,562,688 | ---- | C] () -- \install.exe [2007.12.27 22:24:08 | 000,005,686 | ---- | C] () -- \vcredist.bmp [2007.12.27 22:24:08 | 000,001,110 | ---- | C] () -- \globdata.ini [2007.06.30 10:55:45 | 000,004,096 | -H-- | C] () -- C:\Users\Mechthild\AppData\Local\keyfile3.drm [2007.05.10 17:24:47 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2007.03.30 13:58:25 | 000,013,603 | ---- | C] () -- C:\Users\Mechthild\pspbrwse.jbf [2007.03.21 10:15:30 | 004,387,766 | ---- | C] () -- C:\Users\Mechthild\mmsm.exe [2007.03.15 20:52:08 | 035,792,384 | ---- | C] () -- C:\Users\Mechthild\wdhome.exe [2007.03.04 19:08:57 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2007.03.04 19:08:57 | 000,000,000 | RHS- | C] () -- \IO.SYS [2007.03.03 13:58:20 | 000,447,773 | ---- | C] () -- C:\Users\Mechthild\ds_ddr2_c_die_udimm_rev12.pdf [2007.02.10 23:36:26 | 000,024,576 | ---- | C] () -- C:\Users\Mechthild\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006.12.06 17:11:55 | 000,333,257 | RHS- | C] () -- \bootmgr [2006.12.04 06:35:47 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2006.12.03 22:17:50 | 000,000,328 | ---- | C] () -- \PB.iss [2006.12.03 22:08:40 | 000,001,901 | ---- | C] () -- C:\Users\Mechthild\Benutzerhandbuch (PackardBell InfoCentre).lnk [2006.12.03 21:59:44 | 000,001,809 | -H-- | C] () -- \IPH.PH [2006.11.02 11:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 07:25:08 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Installationsdateien Martin Feb 2007:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Updater5:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Stick Kolloquium:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Stick Genie Parken:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\neu bis 03.03.07:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Meine PSP-Dateien:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Eigene Maps:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\Bildschirmschoner:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Documents\2007:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> C:\Users\Mechthild\Desktop\Notizen:Roxio EMC Stream < End of report > Code:
ATTFilter OTL Extras logfile created on: 14.12.2012 20:32:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mechthild\Documents\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 51,24% Memory free
3,75 Gb Paging File | 2,62 Gb Available in Paging File | 70,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,04 Gb Total Space | 60,22 Gb Free Space | 42,70% Space Free | Partition Type: NTFS
Computer Name: MECHTHILD-PC | User Name: Mechthild | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.reg [@ = regfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\Foto Brinke\Foto Brinke Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Foto Brinke Fotowelt] -- "C:\Program Files\Foto Brinke\Foto Brinke Fotowelt\Foto Brinke Fotowelt.exe" "%1" ()
Directory [Mein CEWE FOTOBUCH] -- "C:\Program Files\CeWe Color\Mein CEWE FOTOBUCH\Mein CEWE FOTOBUCH.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E5AC463-FF31-4C19-9B85-D1C58A24362E}" = protocol=6 | dir=in | app=c:\program files\powercinema\powercinema.exe |
"{1B040E4F-F03E-402A-B041-F866BD67AF40}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{2A2A8681-013F-4797-B4C9-FD0D8E95DE34}" = dir=in | app=c:\program files\htc\htc sync manager\htcsyncmanager.exe |
"{31614585-9B2E-44A3-A29C-7901A7E343C0}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{4541FB6C-F7F8-49EB-AA29-763C9F717FFB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4C5F75EC-D40D-47ED-A8FC-BB3BB32B56FA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{60E36F3B-23DB-43C7-AC08-B5691F61C123}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{61ADCB72-7432-40E4-A512-46A59E0F7649}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6A660A25-F48F-468C-8C13-D2F334EA40E7}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe |
"{7EB1BF5D-D2D9-4314-8FCD-0B244175608F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{ACB2CD6D-48CD-4568-B9A0-30617CD888B5}" = protocol=17 | dir=in | app=c:\program files\powercinema\pcmservice.exe |
"{D2B9D372-2B75-49D6-8ED8-736ADEEE27CF}" = protocol=6 | dir=in | app=c:\program files\powercinema\pcmservice.exe |
"{DE5F7BB1-244B-4B70-A9B0-9DB4C6D85539}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{F335C0AE-EE2A-40F8-876C-286DF30AB90E}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{F546ABA8-4A15-481A-B1C1-A8EADB1CC627}" = protocol=17 | dir=in | app=c:\program files\powercinema\powercinema.exe |
"TCP Query User{23856CD8-B91D-44CE-BFA9-A9DD533CCD4C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{9E222A53-3EBC-407B-ADB5-287A4755E6A7}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{ACE7EC92-DFD9-498A-A5AE-D14F8E91DFFF}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{571F82EA-178A-4C20-862B-87BC6D9F8F7F}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{61D14F27-9FA7-4449-8D23-72C354FC6B0E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{C00954AD-6C17-4F70-AE53-38DB7581E488}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02008202-5D65-445A-B3B4-3DCE72BA0C6C}" = Microsoft Encarta Weltatlas 2001
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0BE73D3C-B5AF-11E1-933A-984BE15F174E}" = Evernote v. 4.5.7
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1EFCD7BB-781F-4181-9690-938D99E14C43}" = windata Systemkomponenten
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}" = Ulead Photo Express 5 SE
"{33B637E3-1DF3-9729-0813-9A7AFD95B7FF}" = ATI Catalyst Control Center Ex
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AA41640-7B32-48C7-AD5C-7370256650D7}" = windata 8
"{5DC3BFF3-B84F-4CBE-B2BD-FB52B6C247CA}" = HTC Sync Manager
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B26AE16-746E-4EF4-A8BA-51F095A8C673}" = Mindjet MindManager Viewer 6
"{725DD816-9E49-4384-900B-B13533567664}" = windata 7
"{7E0BD9D3-F6A0-4931-84B1-3A59FE002D2D}" = Schulleiter-ABC Bayern
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{8BEF9578-AB8E-48B7-8EAA-873ED21B7DFE}" = DDBAC
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AFDFC350-C142-4790-BE12-8357AECD028F}" = SyncToy 2.0 (x86)
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF4434001}" = Epson Printer Software Downloader
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C5DB5FBF-F037-4BEE-A110-257E89EDD8BB}" = Microsoft Word in Works Suite-Add-In
"{C7B8E06E-EBBC-4210-93AB-DFC8760E3FC9}" = Works Suite-Betriebssystem-Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0AC6844-79D4-11D4-AFEE-00C04F443448}" = Microsoft Works 6.0
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E6098043-1183-4580-89EF-423CBF807188}" = pdfforge Toolbar v4.6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{FA5E9826-466A-11D7-AA57-00E07DDCAF19}" = DER ZAHLENTEUFEL
"{FFFAE01B-466F-4C07-9821-A94FD753BDDA}" = EpsonNet Setup
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AnotherUnzipper_is1" = AnotherUnzipper - Deinstallation
"AnotherZipper_is1" = AnotherZipper - Deinstallation
"AOL Deinstallation" = AOL Deinstallation
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5322
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CREATOR9" = Creator 9
"Epson Printer Software Downloader" = Epson Printer Software Downloader
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX510W_TX550W Benutzerhandbuch" = Epson Stylus SX510W_TX550W Handbuch
"EPSON SX510W Series" = EPSON SX510W Series Printer Uninstall
"FoneSync" = FoneSync
"Foto Brinke Fotowelt" = Foto Brinke Fotowelt
"FotoQuelle Fotosoftware" = FotoQuelle Fotosoftware 4.12.1
"GMX Internet Manager" = GMX Internet Manager
"GMX ProfiFax" = GMX ProfiFax
"GMX SMS-Manager" = GMX SMS-Manager
"Google Desktop" = Google Desktop
"hotpot6_is1" = Hot Potatoes v 6.2.0.9
"Infocentre" = Infocentre Rev. 2.0
"Mein CEWE FOTOBUCH" = Mein CEWE FOTOBUCH
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MindManager Smart" = MindManager Smart
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCSR" = Microsoft Speech Recognition Engine 4.0 (English)
"NIS2007_DE" = NIS2007
"Picasa 3" = Picasa 3
"PowerCinema5" = Power Cinema 5
"Shockwave" = Shockwave
"SKYPE" = Skype 2.5.2.151
"Skype_is1" = Packard Bell - Skype 2.5
"Updator" = Packard Bell Updator
"VIDEO_RIO" = Video ATI v8.31
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinRAR archiver" = WinRAR
"Works2001Setup" = Microsoft Works 2001-Setup-Start
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.12.2012 14:00:08 | Computer Name = Mechthild-PC | Source = System Restore | ID = 8193
Description =
Error - 10.12.2012 14:02:06 | Computer Name = Mechthild-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync Manager\HTC Sync\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.12.2012 14:03:08 | Computer Name = Mechthild-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync Manager\HTC Sync\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.12.2012 14:04:53 | Computer Name = Mechthild-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync Manager\HTC Sync\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.12.2012 15:12:16 | Computer Name = Mechthild-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung firefox.exe, Version 17.0.1.4715, Zeitstempel
0x50b71a4b, fehlerhaftes Modul xul.dll, Version 17.0.1.4715, Zeitstempel 0x50b7198b,
Ausnahmecode 0xc0000005, Fehleroffset 0x00144ed8, Prozess-ID 0xb44, Anwendungsstartzeit
01cdd6f82d512568.
Error - 13.12.2012 14:09:01 | Computer Name = Mechthild-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 13.12.2012 14:09:02 | Computer Name = Mechthild-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 13.12.2012 14:09:16 | Computer Name = Mechthild-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 13.12.2012 14:15:19 | Computer Name = Mechthild-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 13.12.2012 20:03:44 | Computer Name = Mechthild-PC | Source = Application Hang | ID = 1002
Description = Programm avscan.exe, Version 13.6.0.402 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: ad0 Anfangszeit: 01cdd93806c4a8f1 Zeitpunkt der Beendigung:
0
[ System Events ]
Error - 12.12.2012 16:01:25 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12.12.2012 16:01:25 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.12.2012 07:27:11 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.12.2012 07:27:11 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 14.12.2012 04:52:28 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.12.2012 04:52:29 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 14.12.2012 04:52:58 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 14.12.2012 04:53:04 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.12.2012 13:14:01 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.12.2012 13:14:01 | Computer Name = Mechthild-PC | Source = Service Control Manager | ID = 7009
Description =
< End of report >
|
| Themen zu "ihavenet-Problem" bei Google-Suche im Mozilla Firefox unter Windows Vista 32bit |
| 32 bit, antivir, autorun, avg secure search, avg security toolbar, avira, avira searchfree toolbar, desktop, excel, fehler, firefox, flash player, home, ihavenet, intranet, mozilla, packard bell, pdfforge toolbar, plug-in, problem, realtek, registry, secure search, security, software, stick, symantec, tr/ponmocup.eb.7, vtoolbarupdater, win32/adware.ndotnet, win32/adware.yontoo, win32/adware.yontoo.a, windows, yontoo |
Baum-Darstellung