
Log analysis and evaluation: Opened email attachment (.zip file); fake email about late-payment fees


 
12.02.2013, 03:01   #1
Joe_Da
 



Hello everyone,

I hope you can help me, or rather my girlfriend.

The following unfortunately happened to my girlfriend yesterday:

My girlfriend received an email with a payment demand (late-payment fees), unfortunately did not read it properly, did not pay attention to the sender's email address either, and opened the attachment (.zip file).


Below is the text of the email:

Code:
ATTFilter
-----Original Message-----
From: borisberresheim@aol.com [mailto:borisberresheim@aol.com]
Sent: Monday, 11 February 2013 22:18
To: ***
Subject: 11.02.2013 *** Late-payment fees for your order no. 0006408

Hello ***,

thank you for your purchase at Alternate.

Unfortunately, our accounting department has found an unpaid amount on your account.
If you have transferred the invoice amount in the last few days, please disregard this reminder.

However, you may have overlooked transferring payment for invoice 1374759 for your order 17595500 on time.

Invoice amount: 351,52 Euro

Please settle the payment by 16.02.2013.
Invoice details and cancellation options can be found in the enclosed attachment.

Should this deadline also pass without payment, we will have to hand this matter over to our lawyers for collection.

Kind regards
Jonathan Lehmann Your customer service


Do you have questions? Our customer service is happy to help.
You can reach us Monday to Friday from 9 to 12 and from 13 to 18 at our service number: +49(0)3882-63425-2
         

She has already carried out steps 1 to 3 and the scan with Malwarebytes Anti-Malware.

Malwarebytes Anti-Malware log file:


Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.11.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Esra :: ESRA-PC [Administrator]

12.02.2013 00:47:48
MBAM-log-2013-02-12 (01-01-01).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224635
Laufzeit: 8 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 2
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Daten: http=127.0.0.1:52202 -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|2600 (Trojan.Agent) -> Daten: C:\PROGRA~2\LOCALS~1\Temp\6805ffff.com -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

OTL log file:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.02.2013 01:21:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Esra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,77% Memory free
4,23 Gb Paging File | 3,34 Gb Available in Paging File | 78,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,78 Gb Total Space | 4,67 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive D: | 69,51 Gb Total Space | 46,30 Gb Free Space | 66,61% Space Free | Partition Type: NTFS
 
Computer Name: ESRA-PC | User Name: Esra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.12 01:19:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Esra\Desktop\OTL.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.14 13:32:52 | 001,869,152 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.09.14 13:32:52 | 001,699,168 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.08.09 18:17:45 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 01:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.08.17 22:31:30 | 000,726,288 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\iked.exe
PRC - [2010.08.17 22:31:30 | 000,541,968 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe
PRC - [2010.08.17 22:31:30 | 000,054,544 | ---- | M] () -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe
PRC - [2010.03.01 13:01:04 | 000,160,528 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
PRC - [2010.03.01 13:00:20 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\service4g.exe
PRC - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009.09.25 14:38:16 | 000,312,784 | ---- | M] () -- C:\Programme\XSManager\WTGService.exe
PRC - [2009.09.15 11:20:30 | 000,188,736 | ---- | M] (Nitro PDF Software) -- C:\Programme\Nitro PDF\Professional\NitroPDFDriverService.exe
PRC - [2009.09.15 11:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\ASTSRV.EXE
PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007.04.24 18:17:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007.04.03 15:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007.03.22 17:21:52 | 000,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007.02.06 23:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007.01.31 17:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007.01.26 13:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2007.01.02 08:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006.12.22 13:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006.11.24 11:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006.10.26 12:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.21 15:54:34 | 000,094,208 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2009.09.15 11:22:06 | 000,115,008 | ---- | M] () -- C:\Programme\Nitro PDF\Professional\NPShellExtension.dll
MOD - [2007.09.20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2007.04.05 23:27:58 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012.09.14 13:32:52 | 001,699,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.02 00:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.07.19 06:33:52 | 000,071,024 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Haufe\iDesk\iDeskService\ideskservice.exe -- (HRService)
SRV - [2010.08.17 22:31:30 | 000,726,288 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV - [2010.08.17 22:31:30 | 000,541,968 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV - [2010.08.17 22:31:30 | 000,054,544 | ---- | M] () [Auto | Running] -- C:\Programme\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV - [2010.03.01 13:00:20 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto | Running] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 20:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.09.25 14:38:16 | 000,312,784 | ---- | M] () [Auto | Running] -- C:\Programme\XSManager\WTGService.exe -- (WTGService)
SRV - [2009.09.15 11:20:30 | 000,188,736 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Nitro PDF\Professional\NitroPDFDriverService.exe -- (NitroDriverReadSpool)
SRV - [2009.09.15 11:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\ASTSRV.EXE -- (astcc)
SRV - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.04.07 17:21:00 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.01.19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.04.24 18:17:34 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007.04.03 15:18:08 | 001,516,584 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007.03.22 17:21:52 | 000,131,072 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007.02.06 23:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007.01.31 17:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007.01.26 13:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2007.01.02 08:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006.12.22 13:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006.11.24 11:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006.10.26 12:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\ZDPNDIS4.SYS -- (ZDPNDIS4)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] --  -- (adfs)
DRV - [2012.08.28 14:22:34 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 20:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.08.02 18:04:54 | 000,022,528 | ---- | M] (pBUS-167 Software - hxxp://www.pbus-167.com) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2010.07.22 04:42:38 | 000,017,920 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\System32\drivers\vfilter.sys -- (vflt)
DRV - [2010.07.22 04:42:38 | 000,013,824 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\virtualnet.sys -- (vnet)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.09 13:38:30 | 000,110,592 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2009.04.09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2009.04.09 13:38:30 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009.04.09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009.04.09 13:38:30 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009.04.09 13:38:30 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.10.31 15:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2007.11.02 13:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s217bus.sys -- (s217bus)
DRV - [2007.08.29 03:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SI3112r.sys -- (SI3112r)
DRV - [2007.08.29 03:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007.06.19 08:51:20 | 000,107,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007.06.19 08:51:18 | 000,099,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mgmt.sys -- (s816mgmt)
DRV - [2007.06.19 08:51:18 | 000,097,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816unic.sys -- (s816unic)
DRV - [2007.06.19 08:51:18 | 000,097,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816obex.sys -- (s816obex)
DRV - [2007.06.19 08:51:18 | 000,021,928 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816nd5.sys -- (s816nd5)
DRV - [2007.06.19 08:51:18 | 000,013,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007.06.19 08:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816bus.sys -- (s816bus)
DRV - [2007.04.25 13:32:42 | 000,031,232 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smscirda.sys -- (SMSCIRDA)
DRV - [2007.04.20 21:31:14 | 000,870,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athru6.sys -- (athrusb6)
DRV - [2007.04.05 23:36:16 | 002,464,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.04.05 23:36:16 | 002,464,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.04.03 15:17:08 | 000,306,295 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2007.01.31 12:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007.01.18 13:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.12.27 02:57:22 | 000,792,368 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2006.12.07 17:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006.11.21 07:24:02 | 000,062,464 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 14:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Programme\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006.11.02 09:57:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006.10.25 07:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.10.25 07:36:44 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006.10.25 07:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.08.05 01:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {C828B2F7-D0A0-4CF4-9A68-9CE0B74CE0A7}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NRO&o=101917&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=EV&apn_dtid=YYYYYYYYDE&apn_uid=64458969-6CE6-4CD0-AD22-A0754405EFA3&apn_sauid=4133B492-AB14-4AF5-8684-42185E944903
IE - HKCU\..\SearchScopes\{65A8F361-45C5-4E5F-95C4-BCA3471AF9DF}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{C828B2F7-D0A0-4CF4-9A68-9CE0B74CE0A7}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52202
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6e: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.09 15:24:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.09 15:24:17 | 000,000,000 | ---D | M]
 
[2012.03.18 16:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Esra\AppData\Roaming\mozilla\Extensions
[2012.03.18 16:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Esra\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2013.02.02 14:20:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Esra\AppData\Roaming\mozilla\Firefox\Profiles\5izqepya.default\extensions
[2010.04.28 19:24:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Esra\AppData\Roaming\mozilla\Firefox\Profiles\5izqepya.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.12.20 12:17:41 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Esra\AppData\Roaming\mozilla\firefox\profiles\5izqepya.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.02 14:20:01 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Esra\AppData\Roaming\mozilla\firefox\profiles\5izqepya.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.09 15:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.02.09 15:24:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.17 11:50:02 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.23 14:32:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.17 11:50:02 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.17 11:50:02 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.17 11:50:02 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.17 11:50:02 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.04.29 13:44:45 | 000,000,791 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	activate.adobe.com
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (PROMT) - {892E81F6-EC63-4d13-8422-835A7A05D6EB} - C:\Programme\PRMT8\PRMTIE\prmtie.dll (PROMT Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Automatically Determine Topic Template - C:\Programme\PRMT8\PRMTIE\aot.htm ()
O8 - Extra context menu item: Customize Translation Options - C:\Programme\PRMT8\PRMTIE\options.HTM ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Esra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Esra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Open Entry - C:\Programme\PRMT8\PRMTIE\addentry.HTM ()
O8 - Extra context menu item: Search the Web - C:\Programme\PRMT8\PRMTIE\search.HTM ()
O8 - Extra context menu item: Translate Page - C:\Programme\PRMT8\PRMTIE\page.HTM ()
O8 - Extra context menu item: Unknown Words - C:\Programme\PRMT8\PRMTIE\infopanel.HTM ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Customize Translation Options - {4034D172-4C52-49de-A6A1-E75F8F591FEC} - C:\Programme\PRMT8\PRMTIE\options.HTM ()
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Translate - {A2DA13D5-AC77-43b7-963B-40445EBCB8E0} - C:\Programme\PRMT8\PRMTIE\Prmtie5.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{154256FC-86C7-4668-9292-6894213F8892}: DhcpNameServer = 129.143.2.1 129.143.2.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E598359-6257-400D-A047-2632BC607D23}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{678C72E0-58BE-41E6-AA6E-C5048663F9E7}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC0E7D8A-39D8-4253-8D8D-1F03CAAC8FEA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDB73B4A-4339-4FD6-B44E-B945B8EDC51F}: DhcpNameServer = 91.89.91.89 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F208D33A-2ADE-47E5-BC0A-F4D8293DDE26}: Domain = ad.fh-albsig.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F208D33A-2ADE-47E5-BC0A-F4D8293DDE26}: NameServer = 141.87.114.200,141.87.129.200
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Strand_und_Meer_3.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Strand_und_Meer_3.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0fcf36e0-d8d7-11de-a38e-001b382c7b03}\Shell\AutoRun\command - "" = RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\RemovableDrive.exe
O33 - MountPoints2\{0fcf36e0-d8d7-11de-a38e-001b382c7b03}\Shell\open\command - "" = RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\RemovableDrive.exe
O33 - MountPoints2\{939506c3-4cec-11e0-8e94-001b382c7b03}\Shell - "" = AutoRun
O33 - MountPoints2\{939506c3-4cec-11e0-8e94-001b382c7b03}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c0f92c76-28e2-11de-a80d-001b382c7b03}\Shell - "" = AutoRun
O33 - MountPoints2\{c0f92c76-28e2-11de-a80d-001b382c7b03}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{c729163f-9e2f-11e0-ae37-001b382c7b03}\Shell - "" = AutoRun
O33 - MountPoints2\{c729163f-9e2f-11e0-ae37-001b382c7b03}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{eaa414d0-bcad-11dd-9f5f-001b382c7b03}\Shell\AutoRun\command - "" = F:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.12 01:19:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Esra\Desktop\OTL.exe
[2013.02.12 00:46:46 | 000,000,000 | ---D | C] -- C:\Users\Esra\AppData\Roaming\Malwarebytes
[2013.02.12 00:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.12 00:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.12 00:46:15 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.12 00:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.12 00:45:31 | 010,156,344 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Esra\Desktop\mbam-setup-1.70.0.1100.exe
[2013.02.09 15:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.12 01:19:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Esra\Desktop\OTL.exe
[2013.02.12 01:18:27 | 000,000,000 | ---- | M] () -- C:\Users\Esra\defogger_reenable
[2013.02.12 01:17:33 | 000,050,477 | ---- | M] () -- C:\Users\Esra\Desktop\Defogger.exe
[2013.02.12 01:04:25 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.12 01:04:24 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.12 01:04:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.12 00:46:17 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.12 00:45:34 | 010,156,344 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Esra\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.28 17:27:13 | 002,339,416 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.24 20:58:41 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2013.01.23 18:59:56 | 002,272,644 | ---- | M] () -- C:\Users\Esra\Desktop\Leitfaden.pdf
 
========== Files Created - No Company Name ==========
 
[2013.02.12 01:18:27 | 000,000,000 | ---- | C] () -- C:\Users\Esra\defogger_reenable
[2013.02.12 01:17:32 | 000,050,477 | ---- | C] () -- C:\Users\Esra\Desktop\Defogger.exe
[2013.02.12 00:46:17 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.28 17:25:44 | 002,339,416 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.23 18:59:55 | 002,272,644 | ---- | C] () -- C:\Users\Esra\Desktop\Leitfaden.pdf
[2011.05.17 20:39:16 | 000,140,520 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.10.01 14:14:56 | 000,038,451 | ---- | C] () -- C:\Users\Esra\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.08.25 22:36:38 | 000,038,478 | ---- | C] () -- C:\Users\Esra\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2008.07.22 16:58:31 | 000,000,680 | ---- | C] () -- C:\Users\Esra\AppData\Local\d3d9caps.dat
[2008.04.06 19:59:22 | 000,233,984 | ---- | C] () -- C:\Users\Esra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.24 18:14:43 | 000,001,024 | ---- | C] () -- C:\Users\Esra\.rnd
[2008.03.24 17:16:55 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.11.10 19:38:07 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\64495
[2011.11.10 23:07:08 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\79316
[2009.02.12 22:45:25 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Buhl Data Service
[2011.06.27 18:42:01 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Canneverbe Limited
[2008.05.05 19:14:13 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\CoCreate
[2009.11.11 14:40:00 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Downloaded Installations
[2012.06.17 12:18:53 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\DVDVideoSoft
[2012.05.05 18:51:51 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.11.10 21:05:57 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\FileZilla
[2008.08.09 16:24:32 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Haufe
[2012.03.18 16:58:58 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Haufe Mediengruppe
[2012.07.07 13:34:21 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Idiqw
[2008.05.12 20:21:25 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Leadertech
[2008.08.09 15:34:22 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Lexware
[2011.03.09 16:19:49 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\MOBackup
[2012.07.04 17:32:30 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Mupou
[2012.02.05 13:23:08 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Nitro PDF
[2012.07.07 20:37:15 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Noto
[2010.01.11 01:35:09 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\OpenOffice.org
[2009.04.13 12:34:19 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\PRMT
[2009.04.13 12:28:21 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\PROject MT
[2010.04.18 17:22:05 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\ScanSoft
[2011.08.10 21:03:27 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\TeamViewer
[2008.07.21 19:13:51 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Teleca
[2012.10.05 20:43:56 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\TuneUp Software
[2011.03.12 22:14:00 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\Vodafone
[2011.06.24 10:29:07 | 000,000,000 | ---D | M] -- C:\Users\Esra\AppData\Roaming\XSManager
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

[/CODE]


OTL Extras log file:

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.02.2013 01:21:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Esra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,77% Memory free
4,23 Gb Paging File | 3,34 Gb Available in Paging File | 78,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,78 Gb Total Space | 4,67 Gb Free Space | 6,69% Space Free | Partition Type: NTFS
Drive D: | 69,51 Gb Total Space | 46,30 Gb Free Space | 66,61% Space Free | Partition Type: NTFS
 
Computer Name: ESRA-PC | User Name: Esra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2072690226-1356156960-1647667346-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 5
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0976A5E1-A1BD-41C3-A35E-2140B9FA4545}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0D607171-5340-4AF3-9ADF-9860E33405A3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2C5DC8A8-8079-46A3-8AC3-BB6440AB1A81}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{3CE9C0BD-BFB1-40AF-B167-D0146DB06460}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{4B5CC961-F6D3-4458-90DF-8BB439C8734D}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
"{64DBAEEC-6C25-4684-B55F-302CDF5F4309}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{8353F7A3-A293-438D-801C-478C35FF723B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
"{953025CC-FB5A-4967-AD43-E3B1A1809685}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{985B2ED5-1658-44C4-AF20-F2F8759D30F0}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A5F2BB2E-5CA2-4385-8607-02E6B7A15F3A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{B2D79D5A-6470-421A-AB44-16715A27B917}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{B86D3BBC-D748-4D7E-A891-46D7F52AB9CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D81EFE77-46C7-419D-8600-DB5A5510D23E}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001845FD-18D2-41A5-A051-2F0EE5FBB20D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{00CB5EF8-B58D-4AA0-9A7A-40CA0D4E3287}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0363F056-A95A-445E-BEDA-7749774BC516}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{05A721EA-E783-48A8-91E2-620FFEB7CE37}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0724FF6A-592D-404A-B5AB-92E8BC774880}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{08117D7F-BACB-46B5-9AA1-6921EEB61F69}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{09B6FDE9-8935-48F5-ADEC-6EA948A333FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{09C56964-8E4E-44FA-9CEB-0C7074FBB972}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{09FA24F0-4B6E-40A2-AE8A-BBCFA4DCC50D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{0B8AF202-B172-4749-9E41-B796B6DB5FD7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{14159013-0B66-4663-B0AC-E5752987918D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1B1B7438-2E5C-438A-A5B2-59FBA2A775B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1C883297-FE97-44D4-8A97-AB2E287E27C8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1DEE48A9-A161-42F0-9B11-1E65AAFF4BEA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1ECEF8B9-C58B-4582-ACDB-230511D4A8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1F0483D2-77E9-4E6E-A71C-FF9E092C4C9E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{21BED82F-9956-43AB-B4ED-6F6F16CDF5EB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{247A1EB7-A05B-4E55-9E17-98FA0162406E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{248EA4CC-912C-4D55-A6A8-D6A917F44B17}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{258FD1EC-93C9-4AB2-AC11-E73C8E5F14BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{265D36EA-8189-44D3-A9A7-3A7EA49F89E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{28C038F0-CD56-4885-8064-FC6D8ED29386}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2BE41E4B-7AF7-4F9E-AE50-F884AC6F0016}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2C046995-50DD-4A0F-BC08-F37907B3904A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2C1AF0DF-6EDF-41D2-B142-AA04856FB39A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2E146FFA-D3C2-453F-897E-29DC7AFEEFB7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{331616E5-5F48-463A-ADB0-8A31E518E887}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35962187-DE8C-45B0-9666-BCFC0B96051F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{35ECF20C-27AF-459F-9C6A-DFCAF38B0CC3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{36E3A1DE-6809-4A44-BB00-F0A3A345AB50}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3723DD23-2E29-415D-AFF5-9516A12EC166}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{37F73D83-DFE2-4DBE-84A1-1515ACEFF15A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3815EEC1-F8A1-4284-9731-0F00FACB906D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3AEF97BD-B715-40DA-8E90-4E2DCF11E4F8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3C618B69-D29B-4793-81F4-9206DC7F9E22}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3DB8A25F-7ACC-4CC0-8980-4DF8FF861626}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{40655590-C037-43E0-BE39-33BB2850840C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{43149B14-6EDB-4AA0-B854-48479DA4F667}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4539EC09-D5F4-43EA-9D47-1E3C99EFE2B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{453F4BB8-09D5-4ABC-B7DF-8C2410854B50}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4CE12602-2376-4519-8BC5-9B0982888F40}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4EAA5727-0A5C-41AA-80C9-DDB189391CDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{4F56BBEA-790F-4DBE-8175-DDC8AEA4B278}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{508D86EB-A343-4965-A554-BD0AFDA59449}" = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe | 
"{533EA3C6-577F-493A-9E58-61D8553B96F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{583F7EF9-D50A-4647-A49B-A3E9C9B0C07F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{58573504-1215-42D6-A933-7EFDE7EB42F6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{58E1335F-2390-45C8-A046-0C4EC6F41104}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5CD19102-8ADC-4911-845A-3FAC04F5AEBA}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{5DBCAD57-B2F0-4443-90A2-BE63E7C924FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{60B11F0B-7078-41ED-BB11-C7D962E9103C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{60F343D6-7022-46C7-9C46-D25E29D321FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{633D9AA6-2C09-4465-8414-BA2FF36D414A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{63BA59CB-1F22-4888-9922-600D4B8FE672}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{689B31C4-48AF-478A-8BD0-B28FDD13841C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A746CB1-4B5D-4398-B4FC-94E15870B180}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6E95D45C-AC1E-43A6-B418-86C681552988}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6F6F6DB8-18BE-487A-A3C8-F121C9B665AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{70318AF0-BBCF-4411-B11B-E3AA253DD664}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7172B256-7521-4B51-8566-4B932DB03A40}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7271F1C7-D689-4CC9-8A84-3EEEC813DA5A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{7595C155-9913-484C-904C-CA43BB9698D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{765D7B4E-DB0B-4ADD-8870-CA4EC75949CC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7941F602-FA1E-461B-9B12-5F266C2F7B3F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7990F1AF-3C26-4B5B-A8F4-EEF4D88E5B54}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7AEF7B63-C7FB-4C26-95A3-F8CD8CF7E84E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7B5302F4-FBC1-43DB-8C5C-032C3886CC80}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8168AFFB-DF60-4211-A1EB-C9F04B322101}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{817206CE-41E9-4B19-A86C-E20BEF89A2B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8255F92B-7467-49FC-BEBA-1F14B8C7041E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{86C892F4-9934-4551-AD83-6CF25384DE99}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{89681256-E2FA-4386-8704-88AD9B302CFB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8FA98D2C-0EEB-488C-AD95-F7A67EDA915A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8FD0B854-5B05-4D0B-B176-79B30EABECA9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{91A94446-3540-4839-A235-F7620206A2B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{91D45BBF-65F4-4174-A99F-8724FA7D7D8F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9381E12A-B101-470F-80FA-048B15A1C20C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{93BFD0FB-9AD1-4F42-8965-2923DB12E865}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{94586FF0-5AFF-4D04-A951-151D1463652B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{949D498B-7AEA-4F89-98F8-01671495A21E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{951C2286-916B-4CB4-A6D2-0B243036253C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9929E989-3304-4978-9F82-444A248BCF81}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9D3BFB87-2395-41D5-97FE-741AB5B6CBEE}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9E804BD0-7F3D-4365-B35E-9C153C5C4E87}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A4510E44-0E9B-490D-B635-5CF94F2F4792}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A51D6EE6-A804-4146-AE70-F0F564473E30}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6C4012D-6B7D-4B9B-A3B4-3409A2D1B0EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A6DA5F93-1DF3-417D-B7F8-A08B9333B355}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A78E8BDE-DF3F-4AB9-B4A7-A178C87E9B2A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{A832F579-7030-4A04-8ED3-D380312404E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AC101859-F5A0-493D-BE80-2A0CAA610812}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AC46D9BD-FB3E-436F-87B1-4E4F2D8908B9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AD788203-8171-4425-965D-4ADB4C2C4A64}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AE895DFE-3648-45D2-A45E-D20D4AA6EC41}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AF97A67A-EF13-4AFC-A317-CEB168943B37}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AFF2D62F-0B09-48A8-91AD-CB5568A888C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B14C9B5E-F7AA-4061-B7A9-CC7F669FC63B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B526F511-FFA0-4CCE-8785-B8BD39C37E92}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B659A635-BCD9-494C-83F9-FCF3C03052EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B8101977-E579-45E5-8112-ECF664EAB045}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{B92E7555-E04F-4412-89EB-EB4E2894B5CB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{BBB9DC4B-C8D1-4058-8FBC-248DF2E0AEF1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BC7FF43C-1045-487B-8E6E-46458443499E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BFB18CB1-9EC6-4090-80AC-D1A3D1F7B97C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C3E5E32D-25F8-41A5-A78B-1B82552047B2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C41ABBFA-DACB-4FA6-AD9F-A95B0A2775E4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C581726B-B01D-48DB-8337-EBF580E38AF6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C74E24DA-7C54-430C-A9AD-2BE9E850E04C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CB253AF0-C441-4881-8951-27B89B645DED}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CC5B8491-95BE-4C7B-9FDB-BDBF5960F4A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D32FDAAD-EE91-4C78-BB9E-2B7D2AE0C3B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D3C79D2A-8594-454E-9B25-A204596A0E0E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D72FC01B-55A6-45C0-BC04-0F8C58499E52}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D8BB1BC6-84E1-49E2-BBCA-B60CFAC5E07D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DC6E0D9F-F1E7-455E-870B-5F4A97B0C1E6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DD18A148-0363-4B84-BABF-5313D194FB1F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{DD2E4638-689B-4B6C-BD24-B691FE570793}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{DD40AD3F-25E6-4394-9881-3C8EEBEA2C3E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DF3CB1F9-5D97-4727-8D09-3DC3441481E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E082A49C-207F-438C-8694-A4674EBA80A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E399E497-62FB-4563-8509-1CAECD1ACC00}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E83D6655-1D54-4F10-985F-AB69327872C8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E9ACBDD7-A5B6-422E-AE99-5D0232F93CA9}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA2945CA-3919-44BD-B6E3-06006CD98087}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{ED192C30-D3BC-4313-B52A-74CA31212EF6}" = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\mce deluxe suite.exe | 
"{EDD88028-F2EE-47D7-B584-3EBE1B69AE49}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F0BCE4BF-F638-48C0-9606-95DA858FF091}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F1C1A719-1577-4364-A3C5-9FBF50AA66FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F32C1447-83F2-4102-BE85-92E4239D9FE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F6AF2A06-5C9E-4BFA-96D5-5FE01B289540}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F85E63EE-61B9-4841-A6AE-580F74AEA24A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F8C62857-18F0-4009-B0F6-BEC9B82BA644}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F8E15497-4E85-4836-8585-899AD3DC2705}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FAB495F4-B718-457E-991D-36059318FCC1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FB7CF5F9-51DA-429C-91D5-69F515F0B8BE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{FC9C45D7-CEE3-4A43-8978-5E80C039C21E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FCD16DD9-9A97-46C2-9E51-C7D34EF60BE5}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{FD41849E-B6FD-4968-9F41-7D40D791B589}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{FEDC281D-7BA7-4D6C-AC9F-74CAADCB6CB0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{048401E2-F780-42E1-879A-D6C113EA00A5}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{39782464-51F9-4963-8FDB-65B6BDCA9588}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{3E75047D-70A4-4F88-8F52-BFCFEAA8C8FB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{4BA0CA6C-3595-4F92-8897-D3EF56AEB45F}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{6532A551-10D1-403A-9FF1-CF366BA9E3AD}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{C5E55AB4-D42A-455E-9D5B-73939DEE350F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{CF757C67-A56A-4B06-B31B-4C2241F63C56}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{DA2FB945-EBB6-4C0E-BB02-66B65B657D34}C:\program files\java\jre1.6.0_02\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_02\bin\javaw.exe | 
"UDP Query User{00FC7FB3-9698-4FB4-86F5-FCCDED85B7F0}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{093E9FC8-79E2-4BBE-8E6E-B26624437E14}C:\program files\java\jre1.6.0_02\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_02\bin\javaw.exe | 
"UDP Query User{1C808F2B-5FCA-4A99-BAE5-E964EF0CD853}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{5ECC7151-D077-44F7-A42A-415520F441CF}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{921058A1-1470-47F6-93EF-0788A059EDD8}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{B6E732D9-B5F6-4CC7-9623-CED96DF54BDF}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{C4AA7145-B0A5-429F-A46E-5FAB854FC33B}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{EF4E72D3-78B9-4261-B626-9389BDEAEEAB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{0F32914F-A633-4516-B531-7084C8F19F93}" = Haufe iDesk-Browser
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1D081AB0-B1CC-11E0-80C0-005056B12123}" = Haufe iDesk-Service
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite MFC-250C
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer OrbiCam
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5C5B0836-9648-4057-8044-2DF181E073E2}" = TAXMAN 2010
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{67A67432-9B34-11DE-9CAF-D9A555D89593}" = Nitro PDF Professional
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRJPRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRJPRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRJPRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}_PRJPRO_{C8D442F2-CF33-486E-8079-A704A2E80A39}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5CBE2E8-10AD-4786-A7C4-4B7E86525F50}" = Steuer Update 15.09
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA3FDB06-3368-4579-B2F2-5AE8AD6E7871}" = TAXMAN 2012
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FileZilla Client" = FileZilla Client 3.3.5.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.24.608
"InfoRapid Wizard Writer" = InfoRapid Wizard Writer
"IsoBuster_is1" = IsoBuster 2.7
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Vollversion)
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06 Bugfix
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PRJPRO" = Microsoft Office Project Professional 2007
"Shrew Soft VPN Client" = Shrew Soft VPN Client
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite_Wave3" = Windows Live Essentials
"XSManager" = XSManager
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 04.02.2013 14:41:07 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 08.02.2013 06:20:41 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 08.02.2013 06:29:55 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 09.02.2013 08:16:48 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 09.02.2013 09:47:48 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 10.02.2013 09:32:27 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 10.02.2013 14:52:14 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 11.02.2013 07:02:25 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 11.02.2013 07:22:48 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 11.02.2013 20:08:55 | Computer Name = Esra-PC | Source = LoadPerf | ID = 3002
Description = 
 
[ OSession Events ]
Error - 03.11.2008 14:03:26 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 16, Application Name: Microsoft Office Groove, Application Version:
 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 08.02.2009 10:26:51 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 16, Application Name: Microsoft Office Groove, Application Version:
 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18.02.2009 14:10:38 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 6
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 18.02.2009 14:33:39 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 288
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 18.02.2009 14:36:18 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 19.07.2009 13:08:09 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1887
 seconds with 240 seconds of active time.  This session ended with a crash.
 
Error - 08.10.2009 10:51:29 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1857
 seconds with 720 seconds of active time.  This session ended with a crash.
 
Error - 09.09.2010 14:31:03 | Computer Name = Esra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 09.02.2013 16:05:31 | Computer Name = Esra-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 10.02.2013 09:28:00 | Computer Name = Esra-PC | Source = Print | ID = 19
Description = Der Druckspooler konnte den Drucker Adobe PDF Converter nicht unter
 dem Namen Adobe PDF Converter freigeben. Fehler: 2114. Der Drucker kann nicht von
 anderen Benutzern im Netzwerk verwendet werden.
 
Error - 10.02.2013 09:28:16 | Computer Name = Esra-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.02.2013 06:58:07 | Computer Name = Esra-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 11.02.2013 06:59:52 | Computer Name = Esra-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2013 07:01:05 | Computer Name = Esra-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2013 07:02:25 | Computer Name = Esra-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2013 07:03:04 | Computer Name = Esra-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2013 07:04:10 | Computer Name = Esra-PC | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
 werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner 
Fehler ist im Speicher-Manager aufgetreten.
 
Error - 11.02.2013 20:04:42 | Computer Name = Esra-PC | Source = Service Control Manager | ID = 7000
Description = 
 
[ TuneUp Events ]
Error - 31.07.2010 16:48:16 | Computer Name = Esra-PC | Source = TuneUp Program Statistics | ID = 131840
Description = 
 
 
< End of report >
         
--- --- ---

[/CODE]


Gmer log file:

Code:
ATTFilter
GMER Logfile:
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-12 02:11:00
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Scsi\SI3112r1Port2Path0Target0Lun0 WDC_WD16 rev.04.0 149,05GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Esra\AppData\Local\Temp\kgldapow.sys


---- Kernel code sections - GMER 2.0 ----

?  System32\drivers\gmifr.sys  Das System kann den angegebenen Pfad nicht finden. !

---- EOF - GMER 2.0 ----
         
--- --- ---

I converted the email together with its attachment, packed it with 7zip and sent it to you by email.

Many thanks in advance. I look forward to hopefully good news.

Regards, Joe

Edited by Joe_Da (12.02.2013 at 03:24)

 


All times are given in WET +1.

