Log analysis and evaluation: Evaluating OTL logfiles (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.04.2013, 17:45 | #1 |
Evaluating OTL logfiles

Hi, since today I have had a problem with my internet browsers: from time to time none of them work at all, then very slowly again, and sometimes even completely normally, although the signal strength always stays almost the same. After reading up on similar problems and trying most of the simple solutions without success, I have now created an OTL logfile and urgently need help with evaluating it and tips on what to do. I look forward to your answers.

P.S.: Unfortunately I don't know very much about this, so simple explanations would be great.

Extras.Txt:

OTL Extras logfile created on: 07.04.2013 17:26:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC-Deppin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 65,78% Memory free
6,71 Gb Paging File | 5,43 Gb Available in Paging File | 80,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,17 Gb Total Space | 366,80 Gb Free Space | 63,66% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,84 Gb Free Space | 44,23% Space Free | Partition Type: FAT32

Computer Name: PC-Deppin-PC | User Name: PC-Deppin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02168D5F-1DC9-408B-BBD6-15413069EFA8}" = rport=445 | protocol=6 | dir=out | app=system | "{19D52958-82A0-49E5-A7D0-5B0ABB4D9BD5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{2D24BB1B-45DA-427F-8BB2-57038C6114AE}" = rport=137 | protocol=17 | dir=out | app=system | "{43A7A43F-31CC-44BD-9190-A147717D727B}" = lport=445 | protocol=6 | dir=in | app=system | "{7D00B4AD-588A-436A-8B79-12425B3025ED}" = lport=139 | protocol=6 | dir=in | app=system | "{8AC15729-7F19-4013-BC6E-CBD771A9C5CA}" = lport=138 | protocol=17 | dir=in | app=system | "{CEF1FEEE-D5DE-40AD-9C0E-44071CE655F7}" = lport=2869 | protocol=6 | dir=in | app=system | "{D2E63D72-AF82-42DC-A99B-3E929AECE6FF}" = rport=138 | protocol=17 | dir=out | app=system | "{E79498D0-5688-47EF-8A90-E78CADFE044B}" = lport=137 | protocol=17 | dir=in | app=system | "{FBB36426-C494-4349-9A18-F4FB5AD91145}" = rport=139 | protocol=6 | dir=out | app=system | "{FD64E035-E3FB-4751-874E-54DB333A668C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{FF648C95-EC9A-4D63-8B34-494CB8154996}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D9E98B-B871-46B4-90C4-D19F0D55C735}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{0BAB2950-412F-43AE-AE84-E6C26AE11CE2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{12DCD4F3-CD80-4A35-A77C-8C1F1E538241}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{164E524F-7437-4FC1-A485-FEA4843C9E7A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{2275BD90-FA88-4537-A37D-67C7612742C1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{2608BE97-587F-4971-BF71-4472361FF0E4}" 
= protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{2BAE5F6E-0B73-4494-9668-20F08C149BA1}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{2BC03353-B650-4090-BB6A-CCFB6B2C66C5}" = protocol=17 | dir=in | app=c:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe | "{2D579D75-20C4-44BB-8C6F-1338CEEFDF0E}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | "{330176FD-B388-4FED-BDAB-7756D5024EEB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{3657F464-3065-4B7A-A6E0-8F4479206C29}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{3EA33FA0-8F85-4F64-B659-861BE73E07BB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe | "{3FAE1CE8-A724-4227-AFC3-53D017ACB2D3}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{4086EE3B-F2ED-4FDF-84FB-1D1FFA40FA28}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe | "{46ACF1FF-3036-4864-BC13-08C636C8077B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{48E20FFC-BECF-440E-9C90-74ACB12D211F}" = protocol=17 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat | "{4D1FD61C-458E-4590-A7D7-57397C88EE4E}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\uplaybrowser.exe | "{4EEE585D-A3F3-4C55-A403-83D1317138C0}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "{53E62C99-15A1-4BBB-BAE8-46D315787577}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{594861A1-B4BA-45F4-82EC-A4A87F9D4293}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | "{5A1DA4C6-DC33-46AB-8772-2135973C1887}" = protocol=6 | dir=in | app=c:\program 
files\icq7.2\aolload.exe | "{74CBFDDA-61B2-4C29-B48D-9F59C8E58A72}" = protocol=6 | dir=in | app=c:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe | "{7A20AF99-1889-441D-BDAF-55DFACAF54F8}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe | "{8184CC0D-B4C7-4616-9023-504DDB81293D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{8741CB46-CCB7-4577-AFBC-47D599AC19B6}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{877F8FE0-0182-4EBA-B208-137DFCB21D67}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe | "{87F4EB7E-BE7A-4293-AB0F-A86DFD346F62}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{8EC1DECF-97F0-409B-AF04-EAC341794A62}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{8FCF42BB-913C-4422-9D0D-996090DAC2C7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{90CF06F2-0CCD-4280-BA87-3C0708B382B2}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{91E7698F-9A1B-46C6-BA5C-2CBDDE1D0D06}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreediigame.exe | "{980CAB17-7B52-461D-95EA-B3414A34E542}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{A528F83C-5B82-45BF-9CF8-AE75C21E2973}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | "{ADDD1838-02E6-45C4-AC41-355D4A10D5D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{B4D0BE4B-A043-4D6A-B453-2B6D87AB3D66}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | "{B73762FA-DF5A-4FBB-A1F2-07203AAB05D1}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | "{B7F792A6-2640-4991-93F9-1C9AA41439D6}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed 
ii\assassinscreediigame.exe | "{BC4ED576-C008-474D-B260-39EDE5126F8D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{BE29A264-0900-4C94-AB3B-F39194970FE1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BE8BE6EC-B2AF-43D5-AF99-8EE5D8874746}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed ii\assassinscreedii.exe | "{BF1553FE-0DFF-474C-B0FD-A9C1C3FA9CF2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{C795D4E0-893F-4117-8CEF-91D5435DE2A4}" = protocol=6 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat | "{C9BC4A36-F8E8-4151-A0A0-49210E76F5D9}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbsp.exe | "{D1D6A275-5A57-4E6B-92AF-E09A0EA6E040}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{D769AD58-E721-499D-8C70-BC4B15F40737}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{E29DC572-2E43-4479-B4E5-15071B991780}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe | "{E47E973E-8B18-4C71-B493-331E287AFF60}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\acbmp.exe | "{E68DB711-FD9C-42C0-8D5F-AB9DCAF1B73B}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe | "{F004DCED-08E8-4A61-8C9D-90CA14BB7440}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\uplaybrowser.exe | "{F1DD2037-6CEB-45B1-BFD4-22B6823B2F0C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "{F290DC01-56C8-433D-8315-17149EE450DF}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed brotherhood\assassinscreedbrotherhood.exe | "TCP Query User{1E2C742C-2EEE-405D-8380-A71192166515}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | "TCP Query 
User{2649653E-DF94-41ED-8513-6844F3AEE9D4}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "TCP Query User{2DAEE4C1-EEBD-410C-9F6B-E9978C702B24}C:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{2EA1AB65-8184-4E50-8CAB-7B1CAD7A5253}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{351DD992-7631-4915-BF70-2A3A2E24AE8D}C:\program files\openvpn\bin\openvpn.exe" = protocol=6 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "TCP Query User{85BCF0FD-2829-47D9-9FF2-5407513EE1E1}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{0AE0E533-BB59-4566-B59F-037FDFF0091B}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "UDP Query User{29E3A60B-E85E-48A2-B5FD-731344617F1B}C:\program files\openvpn\bin\openvpn.exe" = protocol=17 | dir=in | app=c:\program files\openvpn\bin\openvpn.exe | "UDP Query User{6B7791EB-354B-429B-9EF6-A2320EB602C0}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{8A0A6A05-3881-408F-9F35-F7FCF41051A6}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | "UDP Query User{B9EEDA72-C998-4A4D-9A6D-94FA6EEA1355}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | "UDP Query User{D8503FDE-CA7A-4531-8E90-DC1DD8D93971}C:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\PC-Deppin\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] 
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3 "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00BADC8E-0A5A-1C41-A4C2-ADE2B26B78EF}" = CCC Help German "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1E307673-A877-89FF-78DC-14EE9B90E36D}" = ATI Catalyst Install Manager "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2A0EDB2D-F27C-DFDD-C17C-F2E4B05F503D}" = CCC Help French "{321F2647-25B9-2909-E2F4-AC2770A358B9}" = Catalyst Control Center Graphics Full New "{3429F980-7C10-BF80-84C0-06ACF39900CD}" = ccc-utility "{383A2E3F-A462-1C60-7627-EFA7D3B140E7}" = CCC Help Finnish "{398ED33A-6B97-9909-B91F-7A3ADEF08BEE}" = CCC Help Norwegian "{3A567E16-3E64-39BB-0C07-8083E81D56F0}" = CCC Help Spanish "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm) "{3F64C088-9A45-41B3-8B99-71AFAB720A56}" = Sherlock Holmes jagt Jack the Ripper "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{437220AC-2A97-8338-E012-74B8DF30E9DA}" = Catalyst Control Center InstallProxy "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1 "{519EDA51-1048-2879-8005-5EF3F3EE4A99}" = CCC Help Japanese "{5235D305-3A25-35E0-C8F4-0D07325B5449}" = CCC Help Italian "{5383EF8A-150E-4EAB-2C1D-C3135DE70368}" = Catalyst Control Center Core Implementation 
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail "{5E30BDEB-9307-11D4-9AE0-006067325E47}" = Baldur's Gate(TM) II - Schatten von Amn(TM) "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer "{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger "{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent "{849EF876-F6A3-B14F-7FBE-35264E4D84A0}" = Catalyst Control Center Graphics Previews Vista "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync "{8CA7DA5E-B8BD-4E9F-A6F2-BAF53D503498}" = HP Deskjet 3050 J610 series - Grundlegende Software für das Gerät "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) 
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9FF070B4-7A62-FEB7-2673-68A58166C9D5}" = Catalyst Control Center Localization All "{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne "{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries 
Support For Adobe Reader 9 "{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3 "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DC507BF5-66C7-B876-F564-0E60CB91D0DF}" = Catalyst Control Center Graphics Full Existing "{DCB39D37-F1EC-EC0B-AC38-F3ECC9B5F55D}" = CCC Help Swedish "{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials "{E1CEE7F9-90EF-19B9-75DE-8F8F2AA18131}" = Catalyst Control Center Graphics Light "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E5DF3476-26A4-A39E-52E1-33FFD2D7FEED}" = CCC Help Danish "{E67038A6-1745-BFC1-65D5-01D833D8E932}" = ccc-core-static "{E7F088E0-6B7F-896B-4337-FC1617514152}" = CCC Help English "{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}" = ANNO 1503 "{EF3D2EED-053B-9A14-B270-B62FB987EBC5}" = CCC Help Dutch "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Hilfe "{F98A9659-65D5-856C-A163-1304D8355F72}" = Skins "5513-1208-7298-9440" = JDownloader 0.9 "AC3Filter_is1" = AC3Filter 1.63b "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Angebote ALDI SÜD" = Angebote ALDI 
SÜD Bildschirmschoner "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client "conduitEngine" = Conduit Engine "DAEMON Tools Lite" = DAEMON Tools Lite "DivX Setup.divx.com" = DivX-Setup "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "facemoods" = Facemoods Toolbar "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.1.320 "Google Updater" = Google Updater "ICQToolbar" = ICQ Toolbar "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.SingleImage" = Microsoft Office Home and Student 2010 "OpenVPN" = OpenVPN 2.2.2-gui-1.0.3 "Picasa 3" = Picasa 3 "PunkBusterSvc" = PunkBuster Services "Rockstar Games Social Club" = Rockstar Games Social Club "VLC media player" = VLC media player 1.1.11 "Warcraft III" = Warcraft III "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.01 (32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Warcraft III" = Warcraft III: All Products ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 06.04.2013 05:23:11 | Computer Name = PC-Deppin-PC | Source = WinMgmt | ID = 10 Description = Error - 07.04.2013 04:14:26 | Computer Name = PC-Deppin-PC | Source = WinMgmt | ID = 10 Description = Error - 07.04.2013 04:31:00 | Computer Name = PC-Deppin-PC | Source = Application Hang | ID 
= 1002 Description = Programm iexplore.exe, Version 7.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 1620 Anfangszeit: 01ce336a16ceee97 Zeitpunkt der Beendigung: 16 Error - 07.04.2013 04:37:07 | Computer Name = PC-Deppin-PC | Source = WinMgmt | ID = 10 Description = Error - 07.04.2013 05:14:32 | Computer Name = PC-Deppin-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 7.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 167c Anfangszeit: 01ce337033dc2f52 Zeitpunkt der Beendigung: 0 Error - 07.04.2013 05:30:32 | Computer Name = PC-Deppin-PC | Source = WinMgmt | ID = 10 Description = Error - 07.04.2013 06:01:00 | Computer Name = PC-Deppin-PC | Source = Application Hang | ID = 1002 Description = Programm CCleaner.exe, Version 3.7.0.1457 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: c1c Anfangszeit: 01ce3376287fc67d Zeitpunkt der Beendigung: 0 Error - 07.04.2013 06:07:43 | Computer Name = PC-Deppin-PC | Source = WinMgmt | ID = 10 Description = Error - 07.04.2013 06:43:39 | Computer Name = PC-Deppin-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 7.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. 
Prozess-ID: 4ac Anfangszeit: 01ce337c3f626472 Zeitpunkt der Beendigung: 9 Error - 07.04.2013 10:07:08 | Computer Name = PC-Deppin-PC | Source = VSS | ID = 12289 Description = [ Cisco AnyConnect Secure Mobility Client Events ] Error - 07.04.2013 06:26:27 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CSocketTransport::OnTimerExpired File: .\IPC\SocketTransport.cpp Line: 1655 Invoked Function: CSocketTransport:ostConnectProcessing Return Code: -31588316 (0xFE1E0024) Description: SOCKETTRANSPORT_ERROR_CONNECT_TIMEOUT Error - 07.04.2013 06:26:27 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp Line: 1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target Error - 07.04.2013 06:26:27 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line: 772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target Error - 07.04.2013 06:26:27 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line: 225 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp Line: 1790 Invoked Function: ::WSAGetOverlappedResult Return Code: 10054 (0x00002746) Description: Eine vorhandene Verbindung wurde vom Remotehost 
geschlossen. Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CSocketTransport::callbackHandler File: .\IPC\SocketTransport.cpp Line: 1791 Invoked Function: ::WSARecv/::WSARecvFrom Return Code: 0 (0x00000000) Description: unknown Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CIpcTransport::OnSocketReadComplete File: .\IPC\IPCTransport.cpp Line: 895 Invoked Function: CSocketTransport::readSocket Return Code: -31588312 (0xFE1E0028) Description: SOCKETTRANSPORT_ERROR_GET_RESULT_FAILURE:The system get result call for the socket failed. Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CIpcDepot::OnIpcMessageReceived File: .\IPC\IPCDepot.cpp Line: 1047 Invoked Function: CIpcTransport::OnSocketReadComplete Return Code: -31588312 (0xFE1E0028) Description: SOCKETTRANSPORT_ERROR_GET_RESULT_FAILURE:The system get result call for the socket failed. Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866 Description = Function: CTcpTransport::writeSocketBlocking File: .\IPC\UdpTcpTransports_win.cpp Line: 311 Invoked Function: ::WSASend Return Code: 10054 (0x00002746) Description: Eine vorhandene Verbindung wurde vom Remotehost geschlossen. 
Error - 07.04.2013 10:26:16 | Computer Name = PC-Deppin-PC | Source = acvpnagent | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp Line: 404 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31588341 (0xFE1E000B) Description: SOCKETTRANSPORT_ERROR_WRITE

[ System Events ]
Error - 07.04.2013 06:02:11 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 07.04.2013 06:02:11 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 07.04.2013 06:02:13 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 07.04.2013 06:02:13 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 07.04.2013 06:02:13 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 07.04.2013 06:02:13 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 07.04.2013 06:02:13 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 07.04.2013 06:02:14 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 07.04.2013 10:07:37 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =

Error - 07.04.2013 10:07:38 | Computer Name = PC-Deppin-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

< End of report >

OTL.Txt:
OTL logfile created on: 07.04.2013 17:26:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\PC-Deppin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 65,78% Memory free
6,71 Gb Paging File | 5,43 Gb Available in Paging File | 80,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,17 Gb Total Space | 366,80 Gb Free Space | 63,66% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,84 Gb Free Space | 44,23% Space Free | Partition Type: FAT32

Computer Name: PC-Deppin-PC | User Name: PC-Deppin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\PC-Deppin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\PC-Deppin\Desktop\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PSIService.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()

========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vpnagent) -- C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()

========== Driver Services (SafeList) ==========

DRV - (Trufos) -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\trufos.sys File not found
DRV - (Profos) -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (acsmux) -- C:\Windows\System32\drivers\acsmux.sys (Cisco Systems, Inc.)
DRV - (acsint) -- C:\Windows\System32\drivers\acsint.sys (Cisco Systems, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (Advanced Micro Devices, Inc)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi-sued.de/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi-sued.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDC_deDE338
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledAddons: %7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5.3
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: %7B872b5b88-9db5-4310-bdd0-ac189557e5f5%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.17 22:51:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.17 22:51:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 11:48:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 11:48:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\antispam\tbspamfilter

[2009.08.13 10:52:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Extensions
[2013.04.06 13:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions
[2010.06.27 18:28:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.08.07 11:28:28 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.02.08 01:01:50 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.05 19:12:05 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\engine@conduit.com
[2011.11.21 22:47:36 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\ffxtlbr@Facemoods.com
[2013.04.06 13:30:32 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\Firefox\Profiles\pfrv7rgi.default\extensions\ich@maltegoetz.de
[2012.12.12 12:10:52 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.04.02 17:28:08 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-1.xml
[2011.07.29 14:13:14 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-10.xml
[2011.08.20 15:25:58 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-11.xml
[2011.08.27 15:04:33 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-12.xml
[2011.09.05 15:23:13 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-13.xml
[2011.09.13 15:22:14 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-14.xml
[2011.10.05 16:53:08 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-15.xml
[2011.10.23 21:01:51 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-16.xml
[2011.11.14 22:51:17 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-17.xml
[2011.11.15 19:12:50 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-18.xml
[2012.02.23 18:38:14 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-19.xml
[2010.12.11 16:43:49 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-2.xml
[2012.04.18 11:19:50 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-20.xml
[2012.04.23 20:00:40 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-21.xml
[2012.04.24 23:12:01 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-22.xml
[2012.05.09 17:10:53 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-23.xml
[2012.07.17 17:25:33 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-24.xml
[2012.08.15 19:06:50 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-25.xml
[2012.08.22 18:08:04 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-26.xml
[2012.09.25 13:39:05 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-27.xml
[2012.11.22 18:56:58 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-28.xml
[2013.01.09 11:25:10 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-29.xml
[2011.03.05 09:14:50 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-3.xml
[2013.01.23 18:01:27 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-30.xml
[2013.02.08 01:02:04 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-31.xml
[2013.03.08 20:00:31 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-32.xml
[2013.03.25 16:32:48 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-33.xml
[2011.03.08 16:47:54 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-4.xml
[2011.03.28 16:59:08 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-5.xml
[2011.05.01 19:15:38 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-6.xml
[2011.05.01 19:20:34 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-7.xml
[2011.06.11 13:39:56 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-8.xml
[2011.06.24 12:42:16 | 000,000,950 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin-9.xml
[2010.10.27 16:11:48 | 000,001,056 | ---- | M] () -- C:\Users\PC-Deppin\AppData\Roaming\mozilla\firefox\profiles\pfrv7rgi.default\searchplugins\icqplugin.xml
[2013.03.08 11:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.03.08 11:48:09 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.12.13 19:13:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.12.13 19:13:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.12.13 19:13:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.21 22:47:37 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.12.13 19:13:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.12.13 19:13:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.12.13 19:13:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\PC-Deppin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A1D29D1-18BE-4AD8-8867-254121595745}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA4C24FD-3FA1-490B-830F-BD829E6D0232}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4DFD377-3817-4CB5-8136-896AB5B18539}: DhcpNameServer = 131.246.9.116 131.246.1.116
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\PC-Deppin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\PC-Deppin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2a814241-112b-11e1-aae0-002421b91162}\Shell - "" = AutoRun
O33 - MountPoints2\{2a814241-112b-11e1-aae0-002421b91162}\Shell\AutoRun\command - "" = I:\LANLauncher.exe
O33 - MountPoints2\{791bf76f-15d1-11e1-b0ad-002421b91162}\Shell - "" = AutoRun
O33 - MountPoints2\{791bf76f-15d1-11e1-b0ad-002421b91162}\Shell\AutoRun\command - "" = J:\LANLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.07 16:17:14 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\PC-Deppin\Desktop\HiJackThis204.exe
[2013.04.07 16:04:53 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.04.06 15:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.04.06 15:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.03.26 13:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2013.03.26 13:12:39 | 000,000,000 | ---D | C] -- C:\Users\PC-Deppin\AppData\Local\Cisco
[2013.03.26 13:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco
[2013.03.26 13:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco

========== Files - Modified Within 30 Days ==========

[2013.04.07 17:29:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.07 16:19:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\PC-Deppin\Desktop\HiJackThis204.exe
[2013.04.07 15:53:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.07 12:14:06 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.07 12:14:06 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.07 12:14:06 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.07 12:14:06 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.07 12:07:07 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.07 12:07:07 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.07 12:06:21 | 3487,883,264 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.07 11:56:58 | 000,052,236 | ---- | M] () -- C:\Users\PC-Deppin\Documents\cc_20130407_115645.reg
[2013.04.07 10:16:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.04.05 15:37:33 | 000,142,074 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0131.pdf
[2013.04.05 15:36:54 | 000,259,639 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0130.pdf
[2013.04.05 15:36:20 | 000,352,068 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0129.pdf
[2013.04.05 15:35:37 | 000,221,698 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0128.pdf
[2013.04.05 15:35:01 | 000,212,242 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0127.pdf
[2013.04.05 15:34:17 | 000,300,873 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0126.pdf
[2013.04.05 15:33:43 | 000,311,915 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0125.pdf
[2013.04.05 15:33:03 | 000,327,949 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0124.pdf
[2013.04.05 15:32:25 | 000,368,559 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0123.pdf
[2013.04.05 15:31:40 | 000,237,658 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0122.pdf
[2013.04.05 15:31:05 | 000,401,972 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0121.pdf [2013.04.05 15:30:20 | 000,324,513 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0120.pdf [2013.04.05 15:29:42 | 000,308,509 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0119.pdf [2013.04.05 15:29:00 | 000,404,903 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0118.pdf [2013.04.05 15:28:20 | 000,578,761 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0117.pdf [2013.04.05 15:26:37 | 000,286,759 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0116.pdf [2013.04.05 15:26:05 | 000,281,500 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0115.pdf [2013.04.05 15:25:15 | 000,317,190 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0114.pdf [2013.04.05 15:24:44 | 000,331,335 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0113.pdf [2013.04.05 15:24:03 | 000,742,022 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0112.pdf [2013.04.05 15:23:31 | 000,521,289 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0111.pdf [2013.04.05 15:22:46 | 000,390,075 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0110.pdf [2013.04.05 15:22:09 | 000,276,284 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0109.pdf [2013.04.05 15:21:24 | 000,250,780 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0108.pdf [2013.04.05 15:20:42 | 000,300,209 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0107.pdf [2013.04.05 15:20:01 | 000,292,309 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0106.pdf [2013.04.05 15:19:26 | 000,302,231 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0105.pdf [2013.04.05 15:18:46 | 000,191,749 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0104.pdf [2013.04.05 15:18:13 | 000,219,277 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0103.pdf [2013.04.05 15:17:26 | 000,246,332 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0102.pdf [2013.04.05 15:16:52 | 000,284,573 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0101.pdf 
[2013.04.05 15:15:58 | 000,253,890 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0100.pdf [2013.04.05 15:15:24 | 000,290,713 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0099.pdf [2013.04.05 15:14:42 | 000,307,771 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0098.pdf [2013.04.05 15:14:08 | 000,303,331 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0097.pdf [2013.04.05 15:13:30 | 000,309,192 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0096.pdf [2013.04.05 15:12:47 | 000,295,682 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0095.pdf [2013.04.05 15:11:57 | 000,306,261 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0094.pdf [2013.04.05 15:11:17 | 000,253,852 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0093.pdf [2013.04.05 15:02:14 | 000,322,196 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0092.pdf [2013.04.05 15:01:26 | 000,277,162 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0091.pdf [2013.04.05 15:00:43 | 000,291,679 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0090.pdf [2013.04.05 15:00:06 | 000,277,238 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0089.pdf [2013.04.05 14:59:28 | 000,301,218 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0088.pdf [2013.04.05 14:58:43 | 000,281,088 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0087.pdf [2013.04.05 14:58:07 | 000,271,190 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0086.pdf [2013.04.05 14:57:32 | 000,257,454 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0085.pdf [2013.04.05 14:56:56 | 000,227,312 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0084.pdf [2013.04.05 14:56:20 | 000,277,704 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0083.pdf [2013.04.05 14:55:41 | 000,273,169 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0082.pdf [2013.04.05 14:54:56 | 000,365,125 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0081.pdf [2013.04.05 14:54:20 | 000,316,777 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0080.pdf 
[2013.04.05 14:53:35 | 000,472,307 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0079.pdf [2013.04.05 14:53:00 | 000,459,992 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0078.pdf [2013.04.05 14:52:08 | 000,501,250 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0077.pdf [2013.04.05 14:51:12 | 000,482,240 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0076.pdf [2013.04.05 14:50:25 | 000,276,589 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0075.pdf [2013.04.05 14:49:46 | 000,396,084 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0074.pdf [2013.04.05 14:49:10 | 000,272,698 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0073.pdf [2013.04.05 14:48:19 | 000,432,834 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0072.pdf [2013.04.05 14:47:41 | 000,234,398 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0071.pdf [2013.04.05 14:46:56 | 000,269,128 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0070.pdf [2013.04.05 14:46:09 | 000,214,239 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0069.pdf [2013.04.05 14:45:33 | 000,209,988 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0068.pdf [2013.04.05 14:44:54 | 000,441,193 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0067.pdf [2013.04.05 14:44:13 | 000,547,435 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0066.pdf [2013.04.05 14:43:38 | 000,400,257 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0065.pdf [2013.04.05 14:42:37 | 000,359,335 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0064.pdf [2013.04.05 14:41:56 | 000,204,058 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0063.pdf [2013.04.05 14:40:16 | 000,292,328 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0062.pdf [2013.04.05 14:39:32 | 000,422,998 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0061.pdf [2013.04.05 14:38:42 | 000,251,430 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0060.pdf [2013.04.05 14:38:07 | 000,328,191 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0059.pdf 
[2013.04.05 14:37:13 | 000,251,346 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0058.pdf [2013.04.05 14:36:34 | 000,277,667 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0057.pdf [2013.04.05 14:35:44 | 000,197,279 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0056.pdf [2013.04.05 14:34:50 | 000,324,477 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0055.pdf [2013.04.05 14:33:55 | 000,290,613 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0054.pdf [2013.04.05 14:33:11 | 000,344,201 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0053.pdf [2013.04.05 14:32:09 | 000,288,389 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0052.pdf [2013.04.05 14:31:06 | 000,313,576 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0051.pdf [2013.04.05 14:29:34 | 000,328,825 | ---- | M] () -- C:\Users\PC-Deppin\Documents\Scan0050.pdf [2013.03.26 12:11:49 | 000,000,953 | ---- | M] () -- C:\Users\PC-Deppin\Desktop\Dropbox.lnk [2013.03.26 11:43:21 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.03.26 11:43:21 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.03.12 17:41:20 | 000,048,722 | ---- | M] () -- C:\Users\PC-Deppin\Desktop\542726_133785890133010_2078696797_n.jpg [2013.03.12 17:39:06 | 000,252,540 | ---- | M] () -- C:\Users\PC-Deppin\Desktop\Theoriefragen & Lösungen.pdf ========== Files Created - No Company Name ========== [2013.04.07 11:56:53 | 000,052,236 | ---- | C] () -- C:\Users\PC-Deppin\Documents\cc_20130407_115645.reg [2013.04.05 15:37:33 | 000,142,074 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0131.pdf [2013.04.05 15:36:54 | 000,259,639 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0130.pdf [2013.04.05 15:36:19 | 000,352,068 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0129.pdf [2013.04.05 15:35:36 | 000,221,698 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0128.pdf [2013.04.05 15:35:01 | 000,212,242 | ---- | 
C] () -- C:\Users\PC-Deppin\Documents\Scan0127.pdf [2013.04.05 15:34:16 | 000,300,873 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0126.pdf [2013.04.05 15:33:43 | 000,311,915 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0125.pdf [2013.04.05 15:33:02 | 000,327,949 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0124.pdf [2013.04.05 15:32:25 | 000,368,559 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0123.pdf [2013.04.05 15:31:39 | 000,237,658 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0122.pdf [2013.04.05 15:31:05 | 000,401,972 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0121.pdf [2013.04.05 15:30:19 | 000,324,513 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0120.pdf [2013.04.05 15:29:42 | 000,308,509 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0119.pdf [2013.04.05 15:28:59 | 000,404,903 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0118.pdf [2013.04.05 15:28:20 | 000,578,761 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0117.pdf [2013.04.05 15:26:37 | 000,286,759 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0116.pdf [2013.04.05 15:26:05 | 000,281,500 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0115.pdf [2013.04.05 15:25:14 | 000,317,190 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0114.pdf [2013.04.05 15:24:43 | 000,331,335 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0113.pdf [2013.04.05 15:24:02 | 000,742,022 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0112.pdf [2013.04.05 15:23:30 | 000,521,289 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0111.pdf [2013.04.05 15:22:45 | 000,390,075 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0110.pdf [2013.04.05 15:22:08 | 000,276,284 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0109.pdf [2013.04.05 15:21:24 | 000,250,780 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0108.pdf [2013.04.05 15:20:42 | 000,300,209 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0107.pdf [2013.04.05 15:20:01 | 000,292,309 | ---- | C] 
() -- C:\Users\PC-Deppin\Documents\Scan0106.pdf [2013.04.05 15:19:26 | 000,302,231 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0105.pdf [2013.04.05 15:18:45 | 000,191,749 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0104.pdf [2013.04.05 15:18:12 | 000,219,277 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0103.pdf [2013.04.05 15:17:25 | 000,246,332 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0102.pdf [2013.04.05 15:16:52 | 000,284,573 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0101.pdf [2013.04.05 15:15:58 | 000,253,890 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0100.pdf [2013.04.05 15:15:24 | 000,290,713 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0099.pdf [2013.04.05 15:14:42 | 000,307,771 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0098.pdf [2013.04.05 15:14:08 | 000,303,331 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0097.pdf [2013.04.05 15:13:29 | 000,309,192 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0096.pdf [2013.04.05 15:12:46 | 000,295,682 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0095.pdf [2013.04.05 15:11:56 | 000,306,261 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0094.pdf [2013.04.05 15:11:16 | 000,253,852 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0093.pdf [2013.04.05 15:02:13 | 000,322,196 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0092.pdf [2013.04.05 15:01:25 | 000,277,162 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0091.pdf [2013.04.05 15:00:42 | 000,291,679 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0090.pdf [2013.04.05 15:00:06 | 000,277,238 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0089.pdf [2013.04.05 14:59:28 | 000,301,218 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0088.pdf [2013.04.05 14:58:43 | 000,281,088 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0087.pdf [2013.04.05 14:58:07 | 000,271,190 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0086.pdf [2013.04.05 14:57:32 | 000,257,454 | ---- | C] () 
-- C:\Users\PC-Deppin\Documents\Scan0085.pdf [2013.04.05 14:56:55 | 000,227,312 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0084.pdf [2013.04.05 14:56:20 | 000,277,704 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0083.pdf [2013.04.05 14:55:40 | 000,273,169 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0082.pdf [2013.04.05 14:54:55 | 000,365,125 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0081.pdf [2013.04.05 14:54:19 | 000,316,777 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0080.pdf [2013.04.05 14:53:35 | 000,472,307 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0079.pdf [2013.04.05 14:53:00 | 000,459,992 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0078.pdf [2013.04.05 14:52:07 | 000,501,250 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0077.pdf [2013.04.05 14:51:12 | 000,482,240 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0076.pdf [2013.04.05 14:50:25 | 000,276,589 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0075.pdf [2013.04.05 14:49:45 | 000,396,084 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0074.pdf [2013.04.05 14:49:10 | 000,272,698 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0073.pdf [2013.04.05 14:48:19 | 000,432,834 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0072.pdf [2013.04.05 14:47:41 | 000,234,398 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0071.pdf [2013.04.05 14:46:56 | 000,269,128 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0070.pdf [2013.04.05 14:46:09 | 000,214,239 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0069.pdf [2013.04.05 14:45:33 | 000,209,988 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0068.pdf [2013.04.05 14:44:53 | 000,441,193 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0067.pdf [2013.04.05 14:44:12 | 000,547,435 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0066.pdf [2013.04.05 14:43:37 | 000,400,257 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0065.pdf [2013.04.05 14:42:36 | 000,359,335 | ---- | C] () -- 
C:\Users\PC-Deppin\Documents\Scan0064.pdf [2013.04.05 14:41:56 | 000,204,058 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0063.pdf [2013.04.05 14:40:16 | 000,292,328 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0062.pdf [2013.04.05 14:39:32 | 000,422,998 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0061.pdf [2013.04.05 14:38:42 | 000,251,430 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0060.pdf [2013.04.05 14:38:07 | 000,328,191 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0059.pdf [2013.04.05 14:37:12 | 000,251,346 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0058.pdf [2013.04.05 14:36:34 | 000,277,667 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0057.pdf [2013.04.05 14:35:43 | 000,197,279 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0056.pdf [2013.04.05 14:34:50 | 000,324,477 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0055.pdf [2013.04.05 14:33:55 | 000,290,613 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0054.pdf [2013.04.05 14:33:11 | 000,344,201 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0053.pdf [2013.04.05 14:32:09 | 000,288,389 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0052.pdf [2013.04.05 14:31:05 | 000,313,576 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0051.pdf [2013.04.05 14:29:34 | 000,328,825 | ---- | C] () -- C:\Users\PC-Deppin\Documents\Scan0050.pdf [2013.03.12 20:24:13 | 000,252,540 | ---- | C] () -- C:\Users\PC-Deppin\Desktop\Theoriefragen & Lösungen.pdf [2013.03.12 20:23:47 | 000,048,722 | ---- | C] () -- C:\Users\PC-Deppin\Desktop\542726_133785890133010_2078696797_n.jpg [2011.12.05 19:05:42 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.12.05 19:05:40 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.07.24 10:29:04 | 000,185,344 | ---- | C] () -- C:\Users\PC-Deppin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.23 18:39:30 | 000,000,184 | ---- | C] () -- C:\Users\PC-Deppin\AppData\Roaming\wklnhst.dat 
========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2011.11.17 20:37:04 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\DAEMON Tools Lite [2013.04.07 15:56:34 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\Dropbox [2013.04.06 15:12:04 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\DVDVideoSoft [2011.01.31 20:11:41 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\DVDVideoSoftIEHelpers [2010.12.24 20:40:53 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\Games [2012.07.20 13:24:02 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\ICQ [2011.02.13 14:08:04 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien [2011.12.05 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\PunkBuster [2009.07.23 18:40:02 | 000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\Template [2010.08.16 15:29:12 | 
000,000,000 | ---D | M] -- C:\Users\PC-Deppin\AppData\Roaming\Ubisoft ========== Purity Check ========== < End of report > |
07.04.2013, 17:49 | #2 |
| Evaluating OTL log files OK, that was a bit silly; I actually wanted to add the log files as attachments and not in the text.
__________________sorry |
22.04.2013, 17:21 | #3 |
/// Helper Team | Evaluating OTL log files Unfortunately, you buried the thread with your reply. Does the problem still persist?
__________________ |
29.04.2013, 14:07 | #4 |
| Evaluating OTL log files I just tried it with HijackThis and it is already noticeably better; I hope it stays that way. Otherwise I'll get back in touch, and thanks for the reply. |
29.04.2013, 14:41 | #5 |
/// Helper Team | Evaluating OTL log files All right. |