![]() |
|
Log-Analyse und Auswertung: Hotmail-Account verschickt eigenständig Spam-Mails an KontakteWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
| ![]() Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte Hallo, von meinem (eigentlich gelöschten) Hotmail-Account werden Spam Mails an meine Kontakte versendet (Betreff ist leer, Mail enthält nur einen Link). Würde mich freuen wenn ihr mich bei der Suche nach der Ursache unterstützt. Hier der Header der Spam-Mail: Code:
ATTFilter Return-Path: dummy***0@hotmail.de Received: from bay0-omc2-s1.bay0.hotmail.com ([65.54.190.76]) by mx-ha.gmx.net (mxgmx105) with ESMTP (Nemesis) id 0M3dPh-1Ulloi47BR-00rDTl for <dummy***1@gmx.de>; Mon, 22 Apr 2013 13:27:10 +0200 Received: from BAY002-M81 ([65.54.190.125]) by bay0-omc2-s1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675); Mon, 22 Apr 2013 04:27:08 -0700 X-EIP: [Eh1Ve7NqIsXUlE3V934ZL8LY0FKcgoJQ] X-Originating-Email: [dummy***0@hotmail.de] Message-ID: <BAY002-M811225F3B2379E91F87B4BDFCB0@phx.gbl> Content-Type: multipart/alternative; boundary=_00916399-9806-41fe-876e-9ba278eb9ae6_ From: dummy***0@hotmail.de To: *** Subject: Date: Mon, 22 Apr 2013 13:27:08 +0200 Importance: Normal MIME-Version: 1.0 X-OriginalArrivalTime: 22 Apr 2013 11:27:08.0625 (UTC) FILETIME=[53332C10:01CE3F4C] Envelope-To: <dummy***1@gmx.de> X-GMX-Antispam: 6 (nemesis text pattern profiler); Detail=V3; X-GMX-Antivirus: 0 (no virus found) Hier die Log-Files der initialen Scans: OTL.txt Code:
ATTFilter OTL logfile created on: 26.04.2013 11:22:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sylvi\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,31% Memory free 6,21 Gb Paging File | 4,77 Gb Available in Paging File | 76,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,09 Gb Total Space | 82,97 Gb Free Space | 57,59% Space Free | Partition Type: NTFS Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: ***-LAPTOP | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics) PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe (SAMSUNG Electronics co., LTD.) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.) PRC - C:\Programme\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.) PRC - C:\Windows\System32\lxcjcoms.exe ( ) PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe () ========== Modules (No Company Name) ========== MOD - C:\Programme\Nokia\Nokia Suite\phonon4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtXmlPatterns4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtXml4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtWebKit4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtSql4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtScript4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtOpenGL4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtGui4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtNetwork4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtMultimediaKit1.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtDeclarative4.dll () MOD - C:\Programme\Nokia\Nokia Suite\QtCore4.dll () MOD - C:\Programme\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll () MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qjpeg4.dll () MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qico4.dll () MOD - C:\Programme\Nokia\Nokia Suite\Imageformats\qgif4.dll () MOD - C:\Programme\Nokia\Nokia Suite\NService.dll () MOD - C:\Programme\Nokia\Nokia Suite\CommonUpdateChecker.dll () MOD - C:\Programme\Nokia\Nokia Suite\ssoengine.dll () MOD - C:\Programme\Nokia\Nokia Suite\securestorage.dll () MOD - C:\Programme\Nokia\Nokia Suite\mediaservice\dsengine.dll () MOD - C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe () MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll () MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll () MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe () MOD - C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll () MOD - C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll () MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll () MOD - C:\Programme\Lexmark 8300 Series\lxcjdrec.dll () MOD - C:\Programme\Lexmark 8300 Series\iptk.dll () ========== Services (SafeList) ========== SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (Samsung Update Plus) -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe () SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxcj_device) -- C:\Windows\System32\lxcjcoms.exe ( ) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MSSQL$MSSMLBIZ) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VMC302) -- System32\Drivers\VMC302.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (VMC326) -- C:\Windows\System32\drivers\VMC326.sys (Vimicro Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.) DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics) DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {9CE5FB8D-55DC-4925-BA38-97B53075E33A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{42B8115D-820C-4B25-A82A-D8BD1532396D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=800e40be-98ba-4b07-99dc-f66361ff394e&apn_sauid=3108C686-0A1E-4796-BFAE-483F77516E0F IE - HKCU\..\SearchScopes\{9CE5FB8D-55DC-4925-BA38-97B53075E33A}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.01.08 19:59:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.06.11 18:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2011.06.11 18:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [LXCJCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL (Lexmark International Inc.) O4 - HKLM..\Run: [lxcjmon.exe] C:\Program Files\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe () O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIH3E.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52F78981-3328-4EF4-8B22-47FFE3EDFE2B}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Sylvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Sylvi\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a961b98f-9890-11de-ada0-001377f2336b}\Shell\AutoRun\command - "" = F:\Menu.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\InstallNavi.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.04.04 19:00:00 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.26 11:13:46 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.26 11:13:46 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.26 11:12:06 | 000,675,412 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.04.26 11:12:06 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.04.26 11:12:06 | 000,146,368 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.04.26 11:12:06 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.04.26 11:10:59 | 000,145,713 | ---- | M] () -- C:\ProgramData\nvModes.001 [2013.04.26 11:10:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.26 09:48:38 | 3215,572,992 | -HS- | M] () -- C:\hiberfil.sys [2013.04.16 19:24:04 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.08 13:54:52 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugs2l3.dll [2011.05.08 13:51:43 | 000,483,328 | ---- | C] () -- C:\Windows\ssndii.exe [2011.05.08 13:49:53 | 000,026,624 | ---- | C] () -- C:\Windows\System32\spd__l3.dll [2011.05.08 13:49:51 | 000,339,968 | ---- | C] () -- C:\Windows\System32\DscPnt1.dll [2011.05.08 13:49:51 | 000,233,472 | ---- | C] () -- C:\Windows\System32\DscPnt0.dll [2011.05.08 13:49:51 | 000,229,376 | ---- | C] () -- C:\Windows\System32\DscPnt.dll [2010.01.02 11:18:46 | 000,007,168 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.03.16 02:22:18 | 000,145,713 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.03.16 02:22:11 | 000,145,713 | ---- | C] () -- C:\ProgramData\nvModes.dat ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 26.04.2013 11:22:51 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 56,31% Memory free 6,21 Gb Paging File | 4,77 Gb Available in Paging File | 76,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 144,09 Gb Total Space | 82,97 Gb Free Space | 57,59% Space Free | Partition Type: NTFS Drive D: | 144,00 Gb Total Space | 143,91 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: ***-LAPTOP | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-331587386-2610647910-3138478596-1003] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F54C23-0D9D-4BC0-8B7F-FCA560C405A1}" = lport=445 | protocol=6 | dir=in | app=system | "{1B2497C2-9244-4CE8-A7C7-51FE7E92B2A5}" = rport=139 | protocol=6 | dir=out | app=system | "{35FF2FE6-3A5C-47AA-9A64-2A909085B362}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | "{4A2B3146-08CE-40B8-BDF4-85836A8148BB}" = rport=445 | protocol=6 | dir=out | app=system | "{5053E717-6EBF-4A12-B98A-0AB7AEAEB59A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{50C73B9D-C87F-49A7-8C66-51513B24B85A}" = rport=138 | protocol=17 | dir=out | app=system | "{53CA2DE1-2EED-48F1-851F-E0402AE3D608}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe | "{5AB6E35A-B403-4BA9-8C8F-CDAEBFFD21B5}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe | "{5E182C44-84CC-4D3C-BF28-EE7C73C7B247}" = lport=139 | protocol=6 | dir=in | app=system | "{663AC32B-516A-418A-B91D-030082CDB9ED}" = rport=137 | protocol=17 | dir=out | app=system | "{68121BFD-7B52-43F1-B027-08CB466590EA}" = lport=138 | protocol=17 | dir=in | app=system | "{696CF346-7160-48D2-887E-77509FD20CC2}" = lport=1701 | protocol=17 | dir=in | app=system | "{6E08B818-19DB-4788-A55A-4166023DA869}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{711EFCDD-5798-4CBF-805E-1348617AC339}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe | "{7602E6F3-3FA1-4A49-95F0-B7356C6FE12A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{765B43BB-3454-4545-A177-D8131450FD1E}" = rport=1723 | protocol=6 | dir=out | app=system | "{77F9C8D6-8731-4178-9F50-1D16ABF5BAA1}" = lport=445 | protocol=6 | dir=in | app=system | "{7804D55B-3E5A-4AFF-9011-6C28CCC144A2}" = lport=443 | protocol=6 | dir=in | app=system | "{7A54809C-C236-4C60-BD8F-456EBB252CAF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe | "{7F751F53-15C3-4651-BE84-B56EC28A0D40}" = lport=2869 | protocol=6 | dir=in | app=system | "{A813F6C9-C1DD-43D1-8E07-9261B2303440}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe | "{A8850717-4E47-4132-BA21-6210BE815250}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{AB8A0AF9-A2F0-45A1-918D-876154EE2847}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{BDEB2330-DE96-4E51-B0C7-69794F1C8AE9}" = rport=1701 | protocol=17 | dir=out | app=system | "{DD71F75F-2F5E-4E68-A599-451D0625E117}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{E5D415F8-2CD3-468C-B1B4-6536D7DE7E1A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{EC19A95D-C3AF-49CB-9FBF-EFC00A0DAD56}" = lport=1723 | protocol=6 | dir=in | app=system | "{F09ACBD6-A8A7-4FE8-881F-F24D647B4812}" = lport=137 | protocol=17 | dir=in | app=system | "{F5C925CD-AA26-41A9-A77B-7808701F05F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F734CC29-D501-42D5-8505-C82035F01FBA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{F760D1E4-0B50-4E51-B7A6-EB686E3976EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F7B36F81-2FF4-479D-BD74-62762FA093AF}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=c:\windows\system32\snmptrap.exe | "{FF2983FB-5B5B-45C8-A212-20733FBA363C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1875C557-E160-4582-8BCB-D581EC7FC011}" = protocol=6 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | "{39C3A882-2EDD-4D76-9299-C7CAA9486F02}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3BFB8E91-B6C6-4875-931E-BEFD24B22E93}" = protocol=17 | dir=in | app=c:\windows\system32\lxcjcoms.exe | "{3E740CEA-7484-441D-A42B-E8D40E8BF3DA}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{60A5DA3A-79C4-47E4-B7DF-67654BC4581E}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{6B76AC50-6CFF-41D1-B598-C0831F9F0CBF}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{7B942282-C231-4B4E-B8FC-FF173651B04E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{82F4D083-D7EE-4B48-BB56-10AF43B79669}" = protocol=17 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | "{8841B10D-6865-4EF9-BB36-CC2FF031ABB1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{92892DD7-429B-4ED1-B60F-F0179729E46D}" = protocol=6 | dir=out | app=system | "{957CE3C8-960C-439B-A702-673FAA00B4BE}" = protocol=6 | dir=in | app=c:\windows\system32\supdsvc.exe | "{AA69C5CF-12F5-42EC-B2C5-08A89854E447}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{AD57DC4D-359C-4E54-8D0D-29317AD3C4CF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcjpswx.exe | "{B3B6485B-2510-4D0B-9C2B-403E2B19075E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcjpswx.exe | "{B48A66D2-FC0B-4F1B-A130-227C8B9BD017}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BA7A9EDA-9D0E-4FFC-A9E8-2FE4DA8AFBA5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BF3F31B0-F1B1-43CF-845F-937F01849CD3}" = protocol=17 | dir=in | app=c:\windows\system32\supdsvc.exe | "{C12D34D6-4DD0-4227-B089-86CDC0EDFABC}" = protocol=17 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | "{C64658BF-020A-4291-98F3-F09531E2A0B2}" = protocol=6 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe | "{D872E124-E477-4C05-A62A-F76462D21B90}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{DA7DD00D-18C6-4240-807B-D844DB8BA9C1}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | "{E15BABEA-16FD-4591-BF86-C3D4C55FB693}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | "{EFAE9A45-D4EF-4320-9539-E01CD8B5A6D5}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | "{F2C91E37-56A1-4CF9-9FDC-16A57917ECF1}" = protocol=6 | dir=in | app=c:\windows\system32\lxcjcoms.exe | "{F8428E31-51B5-4738-A2CA-EC2E9248B9FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "TCP Query User{1E147243-FFAC-4228-A9BB-B805B9629497}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | "UDP Query User{731F9092-6DE3-4BA6-87B9-53EDE2BD0842}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1 "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300 "{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility "{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III "{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer "{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor "{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2 "{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 "{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager "{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera "{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam "{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution "{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung "{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch "{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}" = Intel(R) PROSet/Wireless WiFi-Software "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator "{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Agere Systems Soft Modem" = Agere Systems HDA Modem "Avira AntiVir Desktop" = Avira Free Antivirus "Business Contact Manager für Outlook 2007" = Business Contact Manager für Outlook 2007 "dm-Fotowelt" = dm-Fotowelt "EPSON PC-FAX Driver 2" = Epson PC-FAX Driver "EPSON Scanner" = EPSON Scan "EPSON WP-4535 Series" = EPSON WP-4535 Series Printer Uninstall "EPSON WP-4535 Series Netg" = Netzwerkhandbuch EPSON WP-4535 Series "EPSON WP-4535 Series Useg" = Benutzerhandbuch EPSON WP-4535 Series "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}" = Easy Network Manager 3.0 "InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus "InstallShield_{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}" = Play Camera "Lexmark 8300 Series" = Lexmark 8300 Series "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de) "Nokia Suite" = Nokia Suite "NVIDIA Drivers" = NVIDIA Drivers "PROHYBRIDR" = 2007 Microsoft Office system "ProInst" = Intel PROSet Wireless "Samsung ML-2010 Series" = Samsung ML-2010 Series "SynTPDeinstKey" = Synaptics Pointing Device Driver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 17.01.2013 13:24:43 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17826 Description = Aufgrund eines internen Fehlers in einer Netzwerkbibliothek konnte die Netzwerkbibliothek nicht gestartet werden. Überprüfen Sie zum Bestimmen der Ursache die diesem Fehler unmittelbar vorhergehenden Fehler im Fehlerprotokoll. Error - 17.01.2013 13:24:43 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17120 Description = SQL Server konnte den Thread FRunCM nicht erzeugen. Suchen Sie im SQL Server-Fehlerprotokoll und in den Windows-Ereignisprotokollen nach Informationen zu möglichen verwandten Problemen. Error - 17.01.2013 13:25:39 | Computer Name = ***-Laptop | Source = WinMgmt | ID = 10 Description = Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17190 Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 4. Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 26015 Description = Das vom Benutzer angegebene Zertifikat kann nicht geladen werden. Da die Verbindungsverschlüsselung erforderlich ist, wird vom Server keine Verbindung akzeptiert. Überprüfen Sie, ob das Zertifikat richtig installiert ist. Lesen Sie 'Konfigurieren eines Zertifikats zur Verwendung durch SSL' in der Onlinedokumentation. Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17182 Description = Fehler bei der TDSSNIClient-Initialisierung. Fehler 0x80092004, Statuscode 0x80. Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17182 Description = Fehler bei der TDSSNIClient-Initialisierung. Fehler 0x80092004, Statuscode 0x1. Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17826 Description = Aufgrund eines internen Fehlers in einer Netzwerkbibliothek konnte die Netzwerkbibliothek nicht gestartet werden. Überprüfen Sie zum Bestimmen der Ursache die diesem Fehler unmittelbar vorhergehenden Fehler im Fehlerprotokoll. Error - 23.01.2013 14:32:34 | Computer Name = ***-Laptop | Source = MSSQL$MSSMLBIZ | ID = 17120 Description = SQL Server konnte den Thread FRunCM nicht erzeugen. Suchen Sie im SQL Server-Fehlerprotokoll und in den Windows-Ereignisprotokollen nach Informationen zu möglichen verwandten Problemen. Error - 23.01.2013 14:33:24 | Computer Name = ***-Laptop | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 07.01.2010 11:03:27 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000 Description = Error - 07.01.2010 15:07:31 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016 Description = Error - 07.01.2010 15:08:02 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 07.01.2010 15:09:12 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000 Description = Error - 08.01.2010 12:41:43 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016 Description = Error - 08.01.2010 12:42:20 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 08.01.2010 12:43:21 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000 Description = Error - 09.01.2010 10:42:34 | Computer Name = ***-Laptop | Source = HTTP | ID = 15016 Description = Error - 09.01.2010 10:43:10 | Computer Name = ***-Laptop | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 09.01.2010 10:44:12 | Computer Name = ***-Laptop | Source = Service Control Manager | ID = 7000 Description = < End of report > Vielen Dank und beste Grüße... |
Themen zu Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte |
autorun, avg, avira, avira searchfree toolbar, bho, defender, desktop, error, firefox, flash player, format, gmx.de, home, iexplore.exe, install.exe, logfile, mail.de, microsoft office 2003, nemesis, office 2007, realtek, registry, rundll, security, senden, server, software, spam, svchost.exe, udp, vista, wlan |