| |
| |||||||
Log-Analyse und Auswertung: EVU Trojaner - Bitte um HilfeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.01.2013, 20:35
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  EVU Trojaner - Bitte um Hilfe Eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.01.2013, 20:50
| #17 |
 | EVU Trojaner - Bitte um HilfeCode:
ATTFilter OTL logfile created on: 08.01.2013 20:40:07 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maik\Desktop\gvu virus Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,05% Memory free 6,00 Gb Paging File | 4,38 Gb Available in Paging File | 72,96% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 256,99 Gb Total Space | 128,72 Gb Free Space | 50,09% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 0,01 Gb Free Space | 0,04% Space Free | Partition Type: NTFS Drive E: | 5,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: MAIK-PC | User Name: Maik | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Maik\Desktop\gvu virus\OTL.exe (OldTimer Tools) PRC - C:\Users\Maik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung) PRC - C:\Programme\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) PRC - C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) PRC - C:\Programme\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation) PRC - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\phonostar-Player\phonostarTimer.exe () PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\calc.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) PRC - C:\ProgramData\DatacardService\DCService.exe () PRC - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.) PRC - C:\Programme\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE () PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Programme\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\ffbf68f58f6b363a0bb4ad3b458b33b4\Kies.Theme.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\424d49ddc7e0499eb7ad23a3383a5c39\DevicePodcast.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\97251ffd3639785762de2192b1367bb0\DevicePhoto.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\c255a0a3604f2af66f018a7cab34383a\DeviceVideo.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\05048245f00f48565f4007853d821aff\DeviceMusic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\4b6ec7942074dec89819125afc57c363\VideoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\e8f2a64ef24cba8bcc406a0c38abf1df\PodcastService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\d4689f8d8ac3cc2cc730348b481348f9\Podcaster.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\3157f5a031c1537160fab39c88f6a470\PhotoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3fb9963f643a6e43a5f3075e95071d39\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\138faa4f2701295e2c58ef89e363893b\DeviceHost.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\9cb37a529eaf76d1a0e3bf6da1de62d5\Phonebook.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\73b37cc93eb4c6dcf997809db7c6e4a4\CPKTMusicPlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\a3bc819952ed2ab66979d427ecfc9c18\MusicManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\17e0fc1a2041fade4f25a2741687ffe0\EBookManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\d3949fd50863ce70276048116448fe36\BATPlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\44c98acc33b8dea0c4d1ddf14e46a21f\AllShareController.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\211991e13a1bd7147773b6a1c76cb5a9\Kies.Common.StoreManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\55fbe9063179771c2a9d9fc27ff86cba\Kies.Common.MediaDB.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\f8c8f34f4703169ec8ef159f4a3eff05\ASF_cSharpAPI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\d0d50fad5e8fe8d3162afcb5d2b6bddb\Kies.Common.AllShare.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\936e305e35268ee454999b6c93dc63ca\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\89399dbb7d69a67bc61d4860e394ccb0\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\358c117e190bc7c3b30772129ba9abd4\Kies.Common.DeviceServiceLib.FileService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\e69aa79efffd2c4c86c9adb11a36e0a7\Interop.DevFileServiceLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\424388d0957c8b7fb6d5ed0a2e7af878\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\74262e0140ce93c36cb628751d9c7ce9\Kies.Common.DeviceServiceLib.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ec3f62c5f333c2cd143cee7fe47a40bc\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\299d5529a819e7f3d9cd548ca478c670\Kies.Common.DeviceService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\5911766cf78c9ff4b4b89dcd0d2f3899\Interop.P3MPINTERFACECTRLLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\b2991e7347afcb391a714b60ebf7fdff\Interop.MP3FileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\1ea9d4d50c7fdf418de5c801ed76701d\Interop.OGGFileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\4611b6c0f9fbf71ecb81eb8fd6b5f2c4\Interop.PRPLAYERCORELib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\d3e68df5f9cb57209bed5add5c2a55a0\Kies.Common.Multimedia.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\b65e465e082adf5a8051c32119784604\Kies.Common.MainUI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\e50e1a832f1285357f0fbbfa2b9e9a19\Kies.Common.DBManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\a7d6c3e5b62fecc924bbb0032e13d440\ICSharpCode.SharpZipLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\dd6c740085ff9051f0b9d7aec72f889f\CabLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b588a9fc95ce714f3807256821cdff6f\Kies.Common.Util.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\4b6a37da062543cb6a866f649ffa849e\Kies.Locale.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\6a805942c8c6f80be2f6d60410b0fef9\Interop.DeviceSearchLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\f8e88004811df47a7f15a4286b481017\Kies.UI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\17fe14a98797cb83d09401fdbc5ddf2a\Kies.MVVM.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\088676cc322e339363b855b240aa1105\GongSolutions.Wpf.DragDrop.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\76f0a312890f736489f4b2766ea45ad5\Kies.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\3ebb49cd31ae72ca680a647130a33e95\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\520f350554ab9e4da9b4048481146659\Kies.ni.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\cd9650239eabb344a9ba1efb05085efb\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\c8ae107ef5d9e3a0765de835975b31a0\XPBurnComponent.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\8399883d188ce28bd66fbd306cbe087f\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\a296cb432e7978ad4e566f386730d656\Microsoft.Practices.ObjectBuilder.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\RuleEngine\9cdd39ec1e0f467706d41144f6b46be1\RuleEngine.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\2eb10cf495db12785e10d027d6a31016\Microsoft.ApplicationBlocks.Updater.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Win32.Tas#\f230503357da39c9ed69181df137dee9\Microsoft.Win32.TaskScheduler.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent.Communication\69c7886eef7bb8ba8cb469bc40542baa\Agent.Communication.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\a60794fb7ec1f25d7c3a28def07f1dc3\Interop.WUApiLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Common\b5a37a653edf4594b60691ba7a1b3c12\Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\ExceptionLogging\e71477a45267d46fa8357af532e4c105\ExceptionLogging.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent.Common\f714da3db09911a1cae7519644c6e75c\Agent.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent\beca08ebf1bf1ac4bcb1dd104ace11ad\Agent.ni.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\616b25e9ad3de7ab58c67f200e21dbac\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll () MOD - C:\Programme\DriverBoost\DriverBoost\ThemePack.DriverBoost.dll () MOD - C:\Programme\DriverBoost\DriverBoost\Agent.Communication.XmlSerializers.dll () MOD - c:\Programme\Adobe\Reader 9.0\Reader\RdLang32.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\PPKLITE.DEU () MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Programme\phonostar-Player\phonostarTimer.exe () MOD - C:\Programme\phonostar-Player\QtCore4.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\phonostar-Player\plugins\sqldrivers\qsqlite4.dll () MOD - C:\Programme\phonostar-Player\QtGui4.dll () MOD - C:\Programme\phonostar-Player\QtSql4.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3811.38670__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3811.38550__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3811.38570__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3811.38672__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3811.38621__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3811.38558__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3811.38602__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3811.38641__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3811.38592__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3811.38564__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3811.38559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3811.38672__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3811.38670__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3811.38666__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3811.38595__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3811.38571__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3811.38615__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3811.38607__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3811.38570__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3811.38639__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3811.38649__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3811.38594__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3811.38607__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3811.38599__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3811.38607__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3811.38665__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3811.38639__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3811.38599__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3811.38574__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3811.38649__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3811.38593__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3811.38589__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3811.38601__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3811.38575__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3811.38542__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3811.38540__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3811.38585__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3811.38621__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3811.38592__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3811.38606__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3811.38568__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3811.38593__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3811.38558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3811.38639__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3811.38593__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3811.38602__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3811.38600__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3811.38539__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3811.38558__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3811.38635__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3811.38616__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3811.38559__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3811.38567__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3811.38541__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3811.38599__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3811.38542__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3811.38548__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3811.38541__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3811.38564__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3811.38558__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3811.38540__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3811.38615__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3811.38640__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3811.38544__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3811.38541__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3811.38541__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3811.38548__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3811.38639__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3811.38545__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3811.38543__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3811.38543__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3811.38646__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3811.38549__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3811.38545__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3811.38554__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Eeu\2.0.3811.38617__90ba9c70f846762e\CLI.Component.Eeu.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3811.38664__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3811.38629__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3811.38564__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3811.38635__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3811.38633__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3811.38547__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3811.38546__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3811.38548__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3811.38544__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3811.38546__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3811.38646__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3811.38544__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3811.38553__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3811.38542__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3811.38543__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3811.38634__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3811.38563__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3811.38553__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3811.38569__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3811.38547__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3811.38545__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3811.38545__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Programme\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE () MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Escript.deu () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\updater.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Annots.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\DigSig.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\Acroform.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\plug_ins\accessibility.DEU () MOD - C:\Programme\Adobe\Reader 9.0\Reader\sqlite.dll () MOD - C:\Programme\Adobe\Reader 9.0\Reader\AdobeXMP.dll () MOD - C:\Programme\Adobe\Reader 9.0\Reader\ccme_base.dll () MOD - C:\Programme\Adobe\Reader 9.0\Reader\cryptocme2.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.) SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe (Symantec Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Radio.fx) -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (DCService.exe) -- C:\ProgramData\DatacardService\DCService.exe () SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Micro Star SCM) -- C:\Programme\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV - (catchme) -- C:\Users\Maik\AppData\Local\Temp\catchme.sys File not found DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation) DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation ) DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data] IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{06B10694-38BD-4D05-80F1-9A5B4412F98B}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{77E1BADB-E50D-442C-9BC4-FB06E81EE7ED}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms} IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{78C422A2-3BE7-4A94-98F5-F749E5A6AC2B}: "URL" = hxxp://www.dict.cc/?s={searchTerms} IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{D81D3048-98AC-4046-8A8E-7430692A9614}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\..\SearchScopes\{F736B167-4030-45AC-B074-033055D992CF}: "URL" = hxxp://dict.leo.org/ende?lp=ende&lang=de&searchLoc=0&cmpType=relaxed§Hdr=on&spellToler=on&chinese=both&pinyin=diacritic&search={searchTerms}&relink=on IE - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Ecosia" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://go.web.de/tb/mff_startpage_home" FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.3.4 FF - prefs.js..extensions.enabledAddons: %7Bd04b0b40-3dab-4f0b-97a6-04ec3eddbfb0%7D:2.0.6 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..extensions.enabledItems: {d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}:2.0.5 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:16:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 20:16:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.04.17 19:49:08 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 20:16:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 20:16:55 | 000,000,000 | ---D | M] [2011.05.30 17:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maik\AppData\Roaming\mozilla\Extensions [2011.05.30 17:57:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maik\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.01.06 17:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maik\AppData\Roaming\mozilla\Firefox\Profiles\nrnhh2x1.default\extensions [2012.11.16 23:02:55 | 000,566,853 | ---- | M] () (No name found) -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\extensions\toolbar@web.de.xpi [2011.05.16 18:02:38 | 000,017,696 | ---- | M] () (No name found) -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2011.05.05 17:24:02 | 000,002,289 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\searchplugins\ecosia.xml [2012.11.16 23:02:57 | 000,002,273 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\searchplugins\englische-ergebnisse.xml [2012.11.16 23:02:57 | 000,010,563 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\searchplugins\gmx-suche.xml [2012.11.16 23:02:57 | 000,002,432 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\searchplugins\lastminute.xml [2012.11.16 23:02:57 | 000,005,545 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\mozilla\firefox\profiles\nrnhh2x1.default\searchplugins\webde-suche.xml [2012.12.06 20:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.12.06 20:16:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.12.06 20:16:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.12.06 20:16:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.12.06 20:16:59 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012.06.23 17:10:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.01 14:54:10 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.23 17:10:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.06.23 17:10:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.23 17:10:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.23 17:10:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.01.08 19:15:36 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000..\Run: [DriverBoost] C:\Program Files\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) O4 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000..\Run: [phonostarTimer] C:\Programme\phonostar-Player\phonostarTimer.exe () O4 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000..\Run: [Spotify Web Helper] C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - Startup: C:\Users\Maik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Maik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Maik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{117206FD-4549-4CC5-AE35-EC2EDEE8F0E3}: NameServer = 212.23.97.2 212.23.97.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E88D494-88B0-4797-939A-DA56D45D1123}: NameServer = 212.23.97.2 212.23.97.3 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{790ABDB0-69AF-4748-AE9F-5257E27B7A5C}: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8201C594-566C-4F85-8DEC-DCFD24DDAB5A}: DhcpNameServer = 192.168.2.1 192.168.2.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.08 19:14:06 | 000,000,000 | ---D | C] -- C:\_OTL [2013.01.06 13:03:03 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.01.06 13:03:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.01.06 10:48:56 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Maik\Desktop\aswMBR.exe [2013.01.06 10:48:51 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Maik\Desktop\tdsskiller.exe [2013.01.06 01:40:05 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.01.06 01:31:20 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013.01.06 01:16:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.01.06 01:16:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.01.06 01:16:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.01.06 01:15:46 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.01.06 01:15:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.01.06 01:03:46 | 000,000,000 | ---D | C] -- C:\Users\Maik\Desktop\gvu virus [2013.01.04 21:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.12.30 20:36:47 | 000,000,000 | ---D | C] -- C:\Users\Maik\Desktop\Sicherung [2012.12.13 21:01:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.12.13 21:01:21 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.12.13 21:01:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.12.13 21:01:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.12.13 21:01:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.12.13 21:01:20 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.12.13 21:01:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.12.13 21:01:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.12.13 18:56:47 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.12.13 18:56:45 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2012.12.13 18:56:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2012.12.13 18:56:38 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012.12.13 18:56:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2012.12.13 18:56:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 18:56:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 18:56:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 18:56:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 18:56:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 18:56:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2012.12.13 18:56:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 18:56:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 18:56:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 18:56:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2012.12.13 18:56:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll ========== Files - Modified Within 30 Days ========== [2013.01.08 20:24:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.08 19:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.08 19:24:05 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.08 19:24:05 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.08 19:16:41 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.08 19:16:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.08 19:16:31 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys [2013.01.08 19:15:36 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2013.01.06 16:18:47 | 000,001,051 | ---- | M] () -- C:\Users\Maik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.01.06 16:17:44 | 000,551,997 | ---- | M] () -- C:\Users\Maik\Desktop\adwcleaner.exe [2013.01.06 16:11:28 | 000,334,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.06 10:48:18 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Maik\Desktop\tdsskiller.exe [2013.01.06 10:46:50 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Maik\Desktop\aswMBR.exe [2013.01.04 17:49:45 | 000,000,000 | ---- | M] () -- C:\Users\Maik\defogger_reenable [2013.01.04 17:48:18 | 000,654,844 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.04 17:48:18 | 000,616,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.04 17:48:18 | 000,130,426 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.04 17:48:18 | 000,106,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.13 19:09:34 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.12.13 19:09:33 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013.01.06 16:17:41 | 000,551,997 | ---- | C] () -- C:\Users\Maik\Desktop\adwcleaner.exe [2013.01.06 01:16:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.01.06 01:16:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.01.06 01:16:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.01.06 01:16:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.01.06 01:16:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.01.04 17:49:45 | 000,000,000 | ---- | C] () -- C:\Users\Maik\defogger_reenable [2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.04.13 19:12:08 | 002,681,344 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2012.01.05 18:28:51 | 000,017,408 | ---- | C] () -- C:\Users\Maik\AppData\Local\WebpageIcons.db [2011.12.19 21:46:23 | 000,000,860 | ---- | C] () -- C:\Users\Maik\.recently-used.xbel [2011.02.28 13:58:51 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.02.12 23:32:21 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011.02.12 23:32:21 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010.08.16 15:22:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 08.01.2013 20:40:07 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maik\Desktop\gvu virus
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,05% Memory free
6,00 Gb Paging File | 4,38 Gb Available in Paging File | 72,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 256,99 Gb Total Space | 128,72 Gb Free Space | 50,09% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 0,01 Gb Free Space | 0,04% Space Free | Partition Type: NTFS
Drive E: | 5,63 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: MAIK-PC | User Name: Maik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0900D24E-6695-4738-B815-7552D045F9ED}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{09883CE9-26FE-4A45-989B-37A0BD81E4D1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C8C2D0D-7D9D-4C17-9100-C09547172459}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28187768-6E5D-4CF5-93FC-076F029C6EC9}" = rport=137 | protocol=17 | dir=out | app=system |
"{29E2B73A-1EB0-4443-9187-81E823B61F17}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BE1D883-6EA8-4F69-B27F-C4DF8DA53F17}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3AC07D75-4EE6-4667-87BF-21169AFC217B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{481D8800-D9EB-4A76-87D9-6792E4CA4D16}" = lport=137 | protocol=17 | dir=in | app=system |
"{4E47CB00-8DA5-4B8C-9517-4D0BD2B5288D}" = rport=139 | protocol=6 | dir=out | app=system |
"{4FD58E28-D3A2-4808-A36D-D8FD03B60F1D}" = lport=445 | protocol=6 | dir=in | app=system |
"{50D2B6BF-EC45-473C-B5C0-DC03C3627A70}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5A0012CD-DF43-4A6E-AA51-5326D4960721}" = rport=10243 | protocol=6 | dir=out | app=system |
"{685A581F-B0DF-45A6-8223-6BEFA1F120F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{6B7B4C0A-1EF2-44F7-A96A-477604EC4F32}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{707C00C0-4326-4A94-9E15-83629AB6DC0B}" = rport=138 | protocol=17 | dir=out | app=system |
"{7BD7F9A7-A9B7-47AD-BBFE-B2B82FD0B224}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C862FE4-05EF-4FBD-ABE3-173716173733}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92E673F4-0836-4A19-A865-B68FE6711C1C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDD16072-28D0-478E-92FD-CABE83F7B25D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C2818382-7CF9-4197-AB43-CF1252D95EAB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EB143DF5-4933-439B-B9E6-3850D8672933}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ED9A3D3C-DD5F-4F92-A043-C0E95C1D9F56}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE0B37C1-64CF-427C-BA77-ED32BB8C831D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017282CC-B9C6-4F83-B7D0-E39002E586B1}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{019B0A18-B262-4331-AEDA-1B18A178C2FC}" = protocol=17 | dir=in | app=c:\games\sid meier's civilization iv colonization\colonization.exe |
"{01BE9E87-562D-4F17-9FBD-C6A50BC539A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0BB72CC1-76F2-434A-B734-799E94588E73}" = protocol=6 | dir=in | app=c:\users\maik\appdata\roaming\dropbox\bin\dropbox.exe |
"{0C5F5E67-C648-432F-B029-E4699CA57A1F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1092020F-1D01-4404-BE69-85E0370ECC19}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{15623B23-3FC9-4AD5-A80B-2BBC01DEFAE3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{15A2EFC3-4B58-4DBD-94F3-414D80464B77}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1DAB9A10-C92E-42A4-B713-672254D31D24}" = protocol=6 | dir=in | app=c:\games\sid meier's civilization iv colonization\colonization.exe |
"{2D7EB513-DFB3-46BB-AB9D-26C9AB2AD7BB}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{3097D33A-2001-4669-B97E-937181724DBB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{30D9D567-B6A7-4113-8F40-C6E899041CE4}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{38212F2F-C530-464F-A2FA-211E04CBC478}" = protocol=17 | dir=in | app=c:\users\maik\appdata\roaming\dropbox\bin\dropbox.exe |
"{3C208A52-FB9A-4FBF-894D-D2CDCE60FCC3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{47CDE574-A8C1-48F3-BD7E-8F72D016999C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4C3DE543-B759-4234-AA31-1ECF4D1BC5CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4E368D31-5221-4C18-9403-709D85ECB00D}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{52070E22-C55A-4568-B01F-338DCC7703DD}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{5CDC7647-63B3-4844-B465-8A4A069BCD5A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{5D5CC1EC-642C-49F6-AAAF-6A2808343BA4}" = protocol=6 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe |
"{605E4C49-2E01-4099-A5D3-688715614121}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{62595E90-C346-4096-8108-E9230CCBD3B9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{66F62239-73B6-4CA1-963A-C1EE2A1BB18C}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\server\rfx-server.exe |
"{6D4A4784-DA64-4751-91BF-35D220619ADE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{6D9EAF08-FF08-465E-8652-3312917B32B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70FCC29E-0449-4327-A023-B9178CB33E48}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{73AFFDA9-F71A-469E-8E2D-1ED236910727}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7617349D-1BB2-4EDA-A4ED-D3F085B63337}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{76939125-8A24-4527-B83E-1FC430D56AD5}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{79799078-695C-467F-A2FF-F03609CF9D64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8040E519-CB35-44EF-8F13-9A6F3FB96ED6}" = protocol=6 | dir=out | app=system |
"{8049B4DD-E71F-4D32-98B7-0768A4BACA38}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{8BE75A45-116F-4299-8443-F15182E26BA7}" = protocol=6 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{901E0D6A-14ED-4E50-833C-8427070193E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{960A77FD-514F-4A45-B934-2F55BAB2658C}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{9A4CE18C-72AD-4317-AD25-BF1682C652EC}" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe |
"{A00C48BC-4047-4E03-8C13-15E0683FA55A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B82A8525-CA2F-4E9C-B759-A7537EF0F6B5}" = protocol=17 | dir=in | app=c:\program files\tobit radio.fx\client\rfx-client.exe |
"{BA740B85-B3E9-47AC-B39B-A0A63EE28C9B}" = protocol=17 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe |
"{BFF2B489-25DC-44E8-B478-E454DCADF293}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{C10ADB8D-E88C-4073-A2B3-8557D04C7E50}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C1BC7DF3-7F08-4052-BE11-8D150A150951}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C3DB9B85-65A2-4FF4-8FB2-FF176DE8856D}" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe |
"{C64B0979-FD56-49A4-9EE2-9E1546A2DD5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDBADB6C-C476-4251-9794-3E8256DDEED1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CDC24F17-F230-426D-A6DE-31792454A343}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D977F5DB-D223-4F10-ADF0-7716663EFB06}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E46949A2-2660-4D55-9A37-38F87D89D62A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EAE8F5D4-09BE-4824-A915-EA87ED32B866}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F1645387-F581-451A-8CB1-02A1EC8AC102}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F29B57A1-FAC2-4591-BF5E-827C2F3745A8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F7B0EF98-12F8-4559-8E9D-D0B98E220E16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{01DA4821-4498-47B9-B1F5-B7D687C1E51E}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{3A67921A-E25F-48B9-9DB9-EA17ABF79FB5}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{84318DCA-18AD-4B28-9427-0D4D34232DAB}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{9816E7EE-09B0-400F-B8F0-87B3AE0439AA}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{D383FA5C-21AF-43B3-97D1-E7F316640F83}C:\program files\phonostar-player\phonostar.exe" = protocol=6 | dir=in | app=c:\program files\phonostar-player\phonostar.exe |
"TCP Query User{E11E0C58-B97F-4E53-8650-461993D30468}C:\users\maik\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe |
"TCP Query User{F4C97BC5-72CF-41AB-A308-515049A736BB}C:\games\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\games\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{28F00575-13CF-408A-9616-BD606A00771E}C:\games\firefly studios\stronghold crusader\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\games\firefly studios\stronghold crusader\stronghold crusader.exe |
"UDP Query User{2B306031-E0D4-43AF-BC51-4FCBC1C6607D}C:\users\maik\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe |
"UDP Query User{3335C837-0668-4B6D-A1C2-8441D09048D3}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{641CE1FD-1645-4125-A948-3BC1D484D2DA}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{B880465B-2D00-4021-B71B-C0F21F2D3622}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{C126564B-BEC7-45D6-B4F6-9F129B522CF1}C:\program files\phonostar-player\phonostar.exe" = protocol=17 | dir=in | app=c:\program files\phonostar-player\phonostar.exe |
"UDP Query User{F175A39E-3F6E-4037-8FC3-11E6B7A75FA4}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{044E78D2-8F54-4F6F-AD2B-A122F8111EDB}" = DriverBoost
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}" = PowerXpressHybrid
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{1534483D-EB1B-ACF8-2472-7C68F87516D9}" = CCC Help French
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1DE5C23D-29D2-43B7-05E3-1ACF799779C2}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23236274-1FB3-7DB1-061B-32D349AF5DB8}" = CCC Help Chinese Traditional
"{25AA04C1-8D88-6124-71CE-EA67DBCD68EE}" = Catalyst Control Center Graphics Previews Common
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2C6B21B1-48D7-BDD8-B4C8-B289C9B61EA2}" = CCC Help Japanese
"{3004D82D-7D27-B373-71FC-E9CE7F1295A1}" = CCC Help Spanish
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37171C81-9EFC-D36B-2295-3F898A4D9E12}" = CCC Help Polish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62182F69-C225-5955-3EA0-02A927692F09}" = CCC Help Turkish
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{679A8F3C-4B1A-A459-7EE6-9F877D4B337A}" = CCC Help Greek
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FEDB652-96FB-28EF-1583-A3773667136B}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78370AE2-D852-90F9-2444-88DFED91EF4D}" = Catalyst Control Center Localization All
"{7C41022B-88D3-54E3-78BE-0182F390E640}" = Catalyst Control Center Graphics Previews Vista
"{82123B01-A183-A7DE-A61C-BF4BF65680C1}" = CCC Help Korean
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C202CD3-9427-D3E9-4295-61EB3249A90E}" = Catalyst Control Center Graphics Full Existing
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8FA7E81D-6D99-4788-8BE4-D898B346AB2E}" = IndustrieGigant 2
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{90932C65-D68E-4257-AEE8-EBBFC36AC601}" = KENWOOD Music Editor Light
"{91B78AB4-3F74-17E2-85BA-C814F87B0FF1}" = CCC Help Finnish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9958E1F2-AF56-B67E-4585-BA2066AA9601}" = CCC Help Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AD813AC-7D0E-F9FE-55E9-572AB783CA76}" = Catalyst Control Center Graphics Light
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D18475C-CA21-447A-6688-007243BBF1C8}" = ccc-core-static
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{A19EF447-CF86-C430-366A-469E5C0E3CCD}" = Catalyst Control Center Core Implementation
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6F580B5-7123-3DEE-A0BB-BBF9ED230BC1}" = CCC Help Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB0139DA-1C8D-7DBD-F765-80211E11B8CB}" = CCC Help Chinese Standard
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.2 MUI
"{AFF77101-460F-55A0-19FD-CABCFC11C8B0}" = CCC Help Thai
"{B025146A-1687-9076-6E43-8A36DA2E15FD}" = CCC Help Czech
"{B362DC31-BC97-49E3-1E83-5603F01C5769}" = CCC Help Dutch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C08F9290-C0A6-A310-2901-9E25373B6DCD}" = CCC Help Norwegian
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6111BC3-3EB5-5D43-C1C8-A825F12737D5}" = Catalyst Control Center InstallProxy
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D76D5FC8-4655-0E6D-6D74-C944E08290CA}" = ATI Catalyst Install Manager
"{D7F70031-2AE0-D959-40A6-F7C91CBD540F}" = CCC Help German
"{DA0B78ED-4274-C842-D9B9-3C2F85FDBDDC}" = CCC Help Danish
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{EA76784A-8127-25C6-908A-E5175566FF0A}" = CCC Help Russian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F53C1A29-3980-CFB8-EA37-10357922D0B1}" = CCC Help Swedish
"{F6A6DFF9-F71C-4BA6-B437-F18872866D3D}" = Bing Bar
"{F6BC885F-F971-31DD-2F2B-086A9C2F1A93}" = CCC Help Italian
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA886756-403E-5C8A-6039-1323D196B929}" = ccc-utility
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Snap_is1" = Ashampoo Snap
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BFG-Diner Dash" = Diner Dash
"Diner Dash" = Diner Dash
"ElsterFormular für Privatanwender 12.2.1.6570p" = ElsterFormular für Privatanwender
"FastImageResizer" = FastImageResizer (remove only)
"FreePDF_XP" = FreePDF (Remove only)
"GameSpy Arcade" = GameSpy Arcade
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49b
"No23 Recorder" = No23 Recorder
"Norton PC Checkup_is1" = Norton PC Checkup
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Opera 12.11.1661" = Opera 12.11
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.02.2
"Picasa 3" = Picasa 3
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SCHLECKER Fotobuch und mehr ..._is1" = SCHLECKER Fotobuch und mehr ... 4.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tobit Radio.fx Server" = Radio.fx
"VLC media player" = VLC media player 2.0.2
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1809649647-3722367740-903643459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Diner Dash 2 Deluxe" = Diner Dash 2 Deluxe
"Dropbox" = Dropbox
"Spotify" = Spotify
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.11.2012 14:17:40 | Computer Name = Maik-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 26.11.2012 14:13:48 | Computer Name = Maik-PC | Source = Windows Backup | ID = 4104
Description =
Error - 27.11.2012 14:17:59 | Computer Name = Maik-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 02.12.2012 14:04:51 | Computer Name = Maik-PC | Source = Windows Backup | ID = 4104
Description =
Error - 03.12.2012 03:46:14 | Computer Name = Maik-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version:
6.1.7600.16385, Zeitstempel: 0x4a5bc100 Name des fehlerhaften Moduls: msvcrt.dll,
Version: 7.0.7601.17744, Zeitstempel: 0x4eeaf722 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00009c56 ID des fehlerhaften Prozesses: 0x3e4 Startzeit der fehlerhaften Anwendung:
0x01cdd12a1cc3d5a8 Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\msvcrt.dll Berichtskennung: 82b33b83-3d1d-11e2-a46a-406186afb080
Error - 04.12.2012 06:14:56 | Computer Name = Maik-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 07.12.2012 09:52:55 | Computer Name = Maik-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 07.12.2012 15:29:04 | Computer Name = Maik-PC | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC
Error - 09.12.2012 08:58:18 | Computer Name = Maik-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 09.12.2012 14:03:58 | Computer Name = Maik-PC | Source = Windows Backup | ID = 4104
Description =
[ System Events ]
Error - 06.01.2013 15:10:53 | Computer Name = Maik-PC | Source = bowser | ID = 8003
Description =
Error - 07.01.2013 12:37:15 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 07.01.2013 12:37:16 | Computer Name = Maik-PC | Source = DCOM | ID = 10005
Description =
Error - 07.01.2013 12:37:16 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 07.01.2013 14:10:56 | Computer Name = Maik-PC | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
(0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 08.01.2013 13:47:56 | Computer Name = Maik-PC | Source = DCOM | ID = 10005
Description =
Error - 08.01.2013 13:47:55 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 08.01.2013 13:47:56 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 08.01.2013 14:08:32 | Computer Name = Maik-PC | Source = ACPI | ID = 327690
Description = ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich
(0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 08.01.2013 14:14:07 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
< End of report >
|
|
08.01.2013, 21:13
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | EVU Trojaner - Bitte um Hilfe Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren
__________________Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ |
|
09.01.2013, 19:04
| #19 |
| | EVU Trojaner - Bitte um Hilfe sieht gut aus Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.08.12 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Maik :: MAIK-PC [Administrator] 08.01.2013 21:30:52 mbam-log-2013-01-08 (21-30-52).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 209223 Laufzeit: 5 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=d9293a6c2f81494399d030dbcbe0a599
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-09 06:41:50
# local_time=2013-01-09 07:41:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 48320 94250566 42715 0
# compatibility_mode=5893 16776574 100 94 45771174 109344901 0 0
# scanned=177971
# found=3
# cleaned=0
# scan_time=35921
D:\MAIK-PC\Backup Set 2011-04-17 190000\Backup Files 2011-06-26 190001\Backup files 1.zip HTML/ScrInject.B.Gen virus (unable to clean) 40A815A1CD3B104C5A2FEAA2E96B7D5946D54DC0 I
D:\MAIK-PC\Backup Set 2011-04-17 190000\Backup Files 2011-08-01 170624\Backup files 1.zip HTML/ScrInject.B.Gen virus (unable to clean) 0F5973855ABCF862A3E11B09146D95F928015FA4 I
D:\MAIK-PC\Backup Set 2012-10-07 190000\Backup Files 2012-12-30 221305\Backup files 1.zip Win32/Reveton.M trojan (unable to clean) 7A1A2A9326131F70EB29DD6439A6999B68C4A4EB I
|
|
09.01.2013, 23:54
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | EVU Trojaner - Bitte um Hilfe Sieht soweit ok aus, die Funde in den älteren Backups-Sets kannst du vernachlässigen Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.01.2013, 11:15
| #21 |
| | EVU Trojaner - Bitte um Hilfe Vielen Dank für deine Hilfe, Ich konnte keine weiteren Probleme feststellen. Im Moment läuft alles wieder bestens  Werd mich noch mit ner kleinen Spende beim Board bedanken und dann hoff ich mal das es ne Weile so bleibt Findest du FreeAntiVir & Windows (7) Firewall als Basisschutz ausreichend oder sollte man doch noch über weitere Maßnahmen nachdenken? (Außer natürlich immer die akutellen Updates vom System&AV&Browser etc. installieren) Den MVPS HostFile habe ich erstmal installiert. |
|
12.01.2013, 15:47
| #22 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | EVU Trojaner - Bitte um HilfeZitat:
Dann wären wir durch!  Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Combofix entfernen: Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu EVU Trojaner - Bitte um Hilfe |
| antivir, avira, bho, bildschirm, bingbar, computer, error, erste mal, failed, festplatte, firefox, flash player, frage, geld, gruppe, home, install.exe, microsoft office starter 2010, mozilla, ntdll.dll, plug-in, realtek, registry, richtlinie, scan, security, server, spotify web helper, starten, svchost.exe, symantec, trojaner, windows, wlan verbindung, wrapper |
Linear-Darstellung
