Pests of all kinds and how to fight them: searchnu.com/406?... in IE, Firefox and Chrome (Windows 7)
15.05.2013, 16:53 | #1 |
searchnu.com/406?... in IE, Firefox and Chrome

Hello dear experts, I seem to have caught something with an iLivid download. In all new tabs, "searchnu.com/406?appid=484&tag=newtab" now always opens. But I can't change that anymore. Please help.

Here are the logs:

OTL:

Code:
ATTFilter OTL logfile created on: 15.05.2013 16:52:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free 7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe PRC - [2013.05.13 17:04:27 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.05.08 11:00:23 | 003,364,352 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe PRC - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe PRC - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.04.04 16:28:02 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.01.18 16:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2013.01.18 16:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe PRC - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () -- C:\Programme\Polar\Daemon\polard.exe PRC - [2012.07.03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Programme\Common Files\Java\Java Update\jucheck.exe PRC - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe PRC - [2011.04.13 15:03:38 | 001,298,320 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliType Pro\itype.exe PRC - [2011.04.13 15:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe PRC - [2011.04.13 15:02:34 | 000,412,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe PRC - [2010.12.08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Programme\DivX\DivX Plus Web Player\DDMService.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.05.11 14:35:56 | 000,020,480 | ---- | M] (Carl Zeiss) -- C:\Programme\Carl Zeiss\MTB 2004 - 1.8.0.7\MTB Server Console\MTBService.exe PRC - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE PRC - [2009.09.18 17:02:30 | 001,708,032 | ---- | M] (D-Link Corp.) 
-- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe PRC - [2009.08.21 09:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\System32\ANIWConnService.exe PRC - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\hasplms.exe PRC - [2008.05.20 19:06:00 | 006,144,000 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe ========== Modules (No Company Name) ========== MOD - [2013.05.08 11:00:25 | 000,474,112 | ---- | M] () -- C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll MOD - [2012.08.17 14:55:26 | 006,212,096 | ---- | M] () -- C:\Programme\Polar\WebSync\WebSync.exe MOD - [2012.08.17 14:43:40 | 000,104,448 | ---- | M] () -- C:\Programme\Polar\WebSync\PTransform.dll MOD - [2012.08.17 14:42:38 | 003,477,504 | ---- | M] () -- C:\Programme\Polar\WebSync\libpolar.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.01.14 17:01:02 | 002,142,720 | ---- | M] () -- C:\Programme\Polar\WebSync\QtCore4.dll MOD - [2011.01.11 01:25:48 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.01.11 01:25:06 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- 
C:\Programme\WinRAR\RarExt.dll MOD - [2010.02.10 19:45:48 | 000,025,600 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qgif4.dll MOD - [2010.02.10 19:45:40 | 000,119,808 | ---- | M] () -- C:\Programme\Polar\WebSync\imageformats\qjpeg4.dll MOD - [2010.02.10 17:22:16 | 007,971,840 | ---- | M] () -- C:\Programme\Polar\WebSync\QtGui4.dll MOD - [2010.02.10 17:07:32 | 000,929,280 | ---- | M] () -- C:\Programme\Polar\WebSync\QtNetwork4.dll MOD - [2010.02.10 17:06:06 | 000,334,848 | ---- | M] () -- C:\Programme\Polar\WebSync\QtXml4.dll MOD - [2010.02.02 18:47:09 | 000,040,960 | ---- | M] () -- C:\Programme\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE MOD - [2009.07.07 18:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\System32\wlanapp.dll MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll MOD - [2009.06.01 14:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\ANI\ANIWZCS2 Service\ANIOApi.dll ========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Carl Zeiss\MTB 2004 -- (MTBService_1.8.0.7) SRV - [2013.05.15 16:29:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.08 11:00:19 | 003,022,848 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Programme\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator) SRV - [2013.04.04 16:28:25 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.04.04 16:27:58 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.26 00:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.09.10 20:43:52 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.08.17 14:43:24 | 000,413,184 | ---- | M] () [Auto | Running] -- C:\Programme\Polar\Daemon\polard.exe -- (Polar Daemon) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.09.07 09:59:00 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.07.21 08:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) 
[On_Demand | Stopped] -- C:\Users\Carina\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver) SRV - [2010.05.24 22:46:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.07 20:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ANIWConnService.exe -- (ANIWConnService) SRV - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.04.21 12:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\System32\hasplms.exe -- (hasplms) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2013.04.04 16:28:33 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.04 16:28:33 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.04 16:28:33 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.04.04 16:28:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011.04.12 13:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.11.02 13:23:15 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009.08.23 23:04:28 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2009.08.23 23:04:27 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009.08.05 21:59:30 | 000,750,592 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.09 14:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) 
[Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock) DRV - [2009.03.06 18:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf) DRV - [2009.01.16 12:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge) DRV - [2008.08.06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.08.17 16:14:44 | 000,891,392 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2006.10.19 05:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.pgv.at/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchnu.com/406?appid=484 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search Results" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.selectedEngine: "Search Results" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406?appid=484" FF - prefs.js..extensions.enabledAddons: {C4A4F5A0-4B89-4392-AFAC-D58010E349AF}:5.0.0.7254 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: toolbar@gmx.net:1.5.3 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carina\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.31 13:05:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.31 13:05:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2012.12.19 21:46:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 22:56:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.25 12:19:35 | 000,000,000 | ---D | M] [2009.10.29 14:45:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Extensions [2013.05.15 16:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions [2013.05.15 16:13:08 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- 
C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} [2013.05.15 16:13:04 | 000,000,000 | ---D | M] (New Tab) -- C:\Users\Carina\AppData\Roaming\mozilla\Firefox\Profiles\1eak1nx7.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF} [2010.10.21 11:27:34 | 000,010,567 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\gmx-suche.xml [2011.02.14 17:18:01 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-1.xml [2009.10.28 18:37:56 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-2.xml [2009.12.16 18:51:37 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-3.xml [2010.01.07 12:35:08 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-4.xml [2010.02.19 11:05:38 | 000,000,961 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-5.xml [2010.03.13 14:48:32 | 000,000,950 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin-6.xml [2009.10.22 20:24:42 | 000,000,955 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\icqplugin.xml [2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Users\Carina\AppData\Roaming\mozilla\firefox\profiles\1eak1nx7.default\searchplugins\Search_Results.xml [2013.03.13 12:37:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.10.29 14:41:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION 
FOUNDATION\DOTNETASSISTANTEXTENSION [2012.09.10 20:43:52 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.08.18 19:39:54 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2012.03.10 19:30:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.03 22:04:39 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.03.10 19:30:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.03.10 19:30:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.05.15 16:13:03 | 000,002,646 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012.03.10 19:30:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.10 19:30:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Search Results () CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=484&systemid=406&apn_uid=7914834164344115&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.searchnu.com/406?appid=484 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carina\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = 
C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program 
Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: iLivid New Tabs = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\ CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ CHR - Extension: Google Mail = C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle 
Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Programme\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Search Results Toolbar\Datamngr\DatamngrUI.exe (Bandoo Media Inc.) 
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{203359B1-567A-441C-99C6-9D3BC5C51AB0}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}: DhcpNameServer = 195.34.133.21 212.186.211.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF9D0D85-E383-4060-85D9-F202E52D71CE}: DhcpNameServer = 212.186.211.21 195.34.133.21 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll () O20 - AppInit_DLLs: 
(C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\mgrldr.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{4433aa20-0fe5-11df-9aa4-00261812d1fc}\Shell\AutoRun\command - "" = E:\Setup.exe O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5f3ff7e8-9018-11de-af32-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{5f3ff833-9018-11de-af32-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{6363c54f-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{6363c554-c6d8-11de-9c3c-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{a55721d6-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{a55721da-c66c-11de-9d98-00261812d1fc}\Shell\AutoRun\command - "" = 
E:\AutoRun.exe O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{ac0aebc2-c3e1-11de-9dfc-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{da1b26c8-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell - "" = AutoRun O33 - MountPoints2\{da1b26ca-c7a1-11de-9249-00261812d1fc}\Shell\AutoRun\command - "" = J:\AutoRun.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Programme\Search Results Toolbar\Datamngr\apcrtldr.dll () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.15 16:52:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe [2013.05.15 16:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools [2013.05.15 16:22:06 | 000,202,280 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys [2013.05.15 16:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools [2013.05.15 16:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2013.05.15 16:21:48 | 000,000,000 | ---D | C] -- C:\Users\Carina\AppData\Roaming\TestApp [2013.05.15 16:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert [2013.05.15 16:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar [2013.05.15 16:12:51 | 
000,000,000 | ---D | C] -- C:\ProgramData\Datamngr [2013.05.13 17:05:57 | 000,066,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys [2013.04.24 17:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.04.24 17:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.15 16:52:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Carina\Desktop\OTL.exe [2013.05.15 16:51:17 | 000,000,000 | ---- | M] () -- C:\Users\Carina\defogger_reenable [2013.05.15 16:49:45 | 000,050,477 | ---- | M] () -- C:\Users\Carina\Desktop\Defogger.exe [2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 16:44:58 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 16:37:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.15 16:37:31 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Carina-Startup.job [2013.05.15 16:37:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.15 16:37:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.15 16:37:14 | 2817,875,968 | -HS- | M] () -- C:\hiberfil.sys [2013.05.15 16:23:49 | 001,971,463 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB [2013.05.15 16:21:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.15 16:17:02 | 000,001,124 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000UA.job [2013.05.15 16:06:47 | 000,416,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.15 08:05:26 | 000,657,660 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.15 08:05:26 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.15 08:05:26 | 000,131,032 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.15 08:05:26 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.13 17:05:19 | 000,066,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avnetflt.sys [2013.04.24 17:04:26 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.04.24 16:35:49 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000Core.job [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.15 16:51:17 | 000,000,000 | ---- | C] () -- C:\Users\Carina\defogger_reenable [2013.05.15 16:49:44 | 000,050,477 | ---- | C] () -- C:\Users\Carina\Desktop\Defogger.exe [2013.05.15 16:22:11 | 001,971,463 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB [2012.12.21 15:22:00 | 000,141,736 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011.08.07 19:49:19 | 000,001,936 | ---- | C] () -- C:\Windows\System32\nethasp.ini [2011.02.27 14:48:41 | 000,004,096 | -H-- | C] () -- C:\Users\Carina\AppData\Local\keyfile3.drm [2010.10.19 16:30:20 | 000,000,253 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANICONFIG_{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4}.ini [2010.09.20 19:32:41 | 000,003,284 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\ANIWZCS{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4} [2010.05.18 20:52:35 | 000,000,017 | ---- | C] () -- C:\Users\Carina\AppData\Local\resmon.resmoncfg [2009.11.09 00:22:47 | 000,007,680 | ---- | C] () -- 
C:\Users\Carina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.08 23:26:16 | 000,153,157 | ---- | C] () -- C:\Users\Carina\AppData\Roaming\mdbu.bin ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009.12.06 02:28:18 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Artweaver [2012.12.19 21:35:44 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Canon [2011.08.07 19:56:10 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Carl Zeiss [2012.12.19 21:46:49 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoft [2012.01.03 12:53:19 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.18 19:40:52 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Foxit Software [2011.07.26 16:17:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\go [2009.10.29 14:45:30 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\ICQ [2011.01.31 13:05:07 | 
000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Local [2011.01.14 12:28:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\MAGIX [2011.11.27 00:55:33 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Need for Speed World [2011.02.19 23:45:00 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Opera [2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Program Files [2013.01.22 20:55:07 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TeamViewer [2013.05.15 16:21:48 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\TestApp [2009.10.29 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Ubisoft [2010.07.06 16:23:01 | 000,000,000 | ---D | M] -- C:\Users\Carina\AppData\Roaming\Uniblue ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:C895616B @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > Code:
ATTFilter OTL Extras logfile created on: 15.05.2013 16:52:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Carina\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 72,00% Memory free 7,00 Gb Paging File | 5,90 Gb Available in Paging File | 84,28% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 596,17 Gb Total Space | 399,29 Gb Free Space | 66,98% Space Free | Partition Type: NTFS Drive F: | 1003,22 Mb Total Space | 972,19 Mb Free Space | 96,91% Space Free | Partition Type: FAT Computer Name: CARINA-PC | User Name: Carina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [BIPA FotoShop] -- "C:\Program Files\BIPA\BIPA FotoShop\BIPA FotoShop.exe" "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files\BIPA\BIPA FotoShop\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1A674FA0-2CB3-4790-9E61-CAE0E15381B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{1DAAA982-259B-4CB7-8723-D805EC1AE497}" = lport=137 | protocol=17 | dir=in | app=system | "{241D5B35-DB2D-4FB6-BBFF-67D1FEEE4D4B}" = lport=10245 | protocol=6 | dir=in | app=system | "{43E793D7-5991-466A-BE5D-86051A5F0EEA}" = lport=138 | protocol=17 | dir=in | app=system | "{4900697D-B286-410D-842A-2289735EF935}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{53246178-B2CA-45EC-A9B8-1ED427189B24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{63AE5D71-7FE3-4743-AB17-5BDB44C54EE5}" = lport=rpc | protocol=6 | dir=in | 
svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6638069D-C8E5-4113-85C3-C7BCFD477D77}" = rport=139 | protocol=6 | dir=out | app=system | "{A2349B29-6BED-447C-BEB3-9E59C5ED5C10}" = rport=137 | protocol=17 | dir=out | app=system | "{A9CBDC81-D807-4D61-ADA4-68A1ACF6E7BB}" = rport=138 | protocol=17 | dir=out | app=system | "{AD38B7B9-E403-42B2-9A19-6953B3977E7A}" = lport=139 | protocol=6 | dir=in | app=system | "{B7CCCE3B-6E57-48B4-9AF3-60794796CEBE}" = lport=445 | protocol=6 | dir=in | app=system | "{C90BA560-D9FE-4240-9BA0-B70117E97D22}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D4CD51F5-E50A-4500-8DDB-5D717B2B00BA}" = rport=445 | protocol=6 | dir=out | app=system | "{F57F109A-BE28-4A6F-A381-F322C6359D26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FF2C51D6-4885-4C72-B3DE-5B26CA3DA8B9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0055E993-3151-4C9E-8F4C-9A512DB5E341}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{0066FA10-ECF1-4866-ACF1-E9EF3606797D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{00902EF5-F485-452E-AE3B-55B44C18DD7A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{00FE3C0A-8AD3-4F8E-891C-5EDF08E343D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0295A833-0A31-4150-8915-AFABA70694E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0300931F-9A95-4F4E-BC5C-0682625F5230}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | "{04CA7C12-ADE7-4D60-AB94-2859C935EBA4}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe | "{0599EF4E-D327-4FDF-ABC1-5F2EBA9115D3}" = dir=in | 
app=c:\program files\skype\phone\skype.exe | "{05C4EC9D-3981-4B11-A0E0-AA786DE903C7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{07D04CF3-3FE3-418D-A33B-4CEE6BC6A53F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{09F3FCDD-97C8-4C1F-8453-F36D6CCB6637}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0A7E64A6-34AF-4659-AE7F-5ADC64633E80}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0DA608B7-DCC0-4B22-B7F5-45394CE520E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0E4C447C-9951-4568-92A6-348784D44777}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{0F7BC9FB-186F-434D-8D86-CA772A90C34E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1216F52D-5DB5-4F0E-A383-B9FCE4639BC4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{122A02E1-F6B1-49B2-8782-93769DD91C93}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1388A37C-81BB-4DAB-ACEC-CAE6FC373A26}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14342621-622F-4228-8B1B-48DAB66F7347}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{14EF03B7-5485-4D8D-8D15-E63DA5015B87}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{15F5E10F-C1E1-4B62-8321-CF866A04BAB4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1621DDC2-20C1-4652-A12F-25F94D661244}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{16FE85AC-A99C-4CF8-8F26-8316E2E6B350}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1787B378-1E7C-47E7-9B43-B01DF080DD24}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{17B2E263-64CC-4F42-BFDA-82E307208097}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{17D4375D-9AA1-4FC0-9165-54467803AE41}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{17F4C7F8-17CF-4BF3-A2B0-F045A12E7DE6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{18134A2E-0604-4A3F-B754-0C668638017F}" = dir=in | app=c:\program files\skype\phone\skype.exe 
| "{183F6D06-6EBE-4E4B-B846-310684BBA16B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{192AF08B-616B-4EBC-BDAA-10EBC15AA590}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{19830D02-09A8-4E5F-B810-2078D596F4C9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1A1A2219-CCB7-4BA7-ACBF-90FD8550A1D7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1AA71246-3D8D-4719-8E37-D773765E8425}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1C0B8EC5-C93B-48B6-AB2E-58586AC861D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{1E4B8478-7EFB-496C-8AF3-8E7196C441F6}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe | "{202BFE81-F290-4E3A-BB85-4847B8CC3F61}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{20AC3431-D754-4C04-BFC2-7E567F133471}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe | "{211AB39D-5CB7-461B-B37F-990391226CBF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{21CFBBD0-E417-4478-9174-4850A448F268}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{22748D2E-7F4F-40B7-A3EE-CDCF4AA48738}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{22DEF94D-6C78-4275-9D23-AF42479D65D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{238E5A4A-909C-4F0C-A53D-125CB1E371CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{23E7BE83-14CC-4426-A77F-1BD824BCB39F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{24D84CB1-2940-4B8B-89C1-E665942C903F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{24EA944C-ECD0-41F1-8BDD-09F4AEA56660}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{25104C98-CEB7-4A7E-8ADE-B238F077D6D3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{251D1122-2D40-45EA-B0DD-670DA78FFC9B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{25408085-E7DD-41E8-8BCE-FDFA230948F3}" = protocol=6 | dir=in | app=c:\program 
files\microsoft office\office12\onenote.exe | "{26FA7928-0754-4B48-8E37-B4D8E35AA43B}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe | "{286E0660-D387-43D5-AE02-F324B833D1E8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avwsc.exe | "{28CB70A6-9CA2-4385-860C-2BA80228629A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{28D2AA3B-A24A-438A-867F-0A6ABA9322B8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{29207982-271F-4CA0-B7EE-9A7B75ACD827}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{292E6D74-87F5-4A61-B46D-92112FB676A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{29DA921F-6453-447F-A9DC-8C1D40AA333C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2A84038D-C780-4631-8843-A9D4BEAF166A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2AA8FD77-C961-464F-BBAB-5826946D3B44}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2B6EC0F6-80C1-4454-A486-07ED49319EEB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2BC58168-2A08-4B30-80A4-DD1CB1FB00C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2C2346B3-3B4C-49EA-B854-41F9C99369D0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2C97F895-EF5C-48E0-93EE-63E3B6B2C5E8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2D2C0EF8-F956-4DFD-90BD-B9907DA84682}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2E5B56C3-848A-4394-8B23-9826A8300540}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2E96C522-351E-4B53-AA0F-F1E94F455EA0}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avgnt.exe | "{2FF80E26-2F5A-493D-820D-3A24EC82F13D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{316F4356-7278-48B8-A89F-9A2DF54B48F7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{32D19503-AB0D-4E75-9F0C-BBC7B7F3B054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{330126F9-4A37-4165-B26E-ACBD253374E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{33CF74E7-DAF1-4378-A1BB-895704E7F576}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3482A9C0-27DA-45AA-BB6B-22673B8943C0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{34E9A520-6E3C-44F0-AFC3-1EFE33AC34C5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{352FCC43-34C6-415E-81F4-A39C103B34C0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{353E0AC5-A6FB-41B1-B184-1A4B07722B44}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3779FB99-2BCF-4F1F-B4E2-48F5EC3EF35B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{378DCAF7-A9BE-44DE-BAA2-4188E67A17AC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{38EC8E36-BFD6-466D-BDBC-D9DE6F918CAB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3A74C78B-72E2-46F7-834C-6962B0AC3911}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3A77CB52-CB85-49E3-BF99-616BEB421E0C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3A823DA2-B016-4BFF-8B26-FD07B922AF49}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E3BE273-E9D7-4B8C-85DA-CEE235644C8F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E776395-9214-4A30-B8E2-C120574693A9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{3E9BF6F4-FE2C-4B4F-951F-0E62F6A66FA7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{40ADE1D0-AA11-4D0C-9970-4B08D6055EE9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4208B661-4614-4D8D-9076-85DD126F84BD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42F4898D-6F42-44BE-A81D-05556328A64F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{430A99B1-051D-4500-9A34-13ACD1B480A6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{43222A06-75A2-4DFF-A416-1563EA2A08D0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{44C482F3-803A-4C0B-B3AC-7DA3ACEB2C84}" = dir=in | 
app=c:\program files\skype\phone\skype.exe | "{45653639-7EF8-4914-B3F5-BE7E5295F46C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{46C97335-D828-4201-9E2C-308AD0AD487B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{47A4D707-C0A1-4C30-850C-3E442A343490}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4855E7E8-5DF9-4081-B6DF-66D98C2CAC44}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4875D198-FFB7-4496-A8FE-1229AE7D2334}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4AD1FCAC-7D08-4BF1-8FE1-76A645376CC3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4B0CFCA4-6910-4203-9A16-DB3B2647C486}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4B314D8F-C804-47C0-846B-803B61E0AACC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4B3C2232-4C84-44CD-98EC-3E31C6442573}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4B713531-E6E5-416A-B3FA-37F1EFBF9AA7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4C0ACBED-7965-4BD3-8A6D-8EFE516FDA80}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4C6564A4-AE75-4E58-8B7C-864FC02349E6}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe | "{4CCCC621-8EDB-4532-8B85-A9143C7B3C37}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4EC6D45C-E0FF-495C-A5A8-B3D05F29E34F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{4F919B05-F6D1-495B-80B4-1F81C246ED25}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4FE4559A-03DA-4D6A-A3DC-4B3C404F7D84}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{517300F5-BEE1-4E3B-8E3E-FDB7777452F7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{517D763B-F7AD-451F-BB3D-E66CBC61E342}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{519C1745-4AF1-403E-9984-9B3FBC8E2D74}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe | 
"{51BDF980-9E12-4BA7-B4C4-B58D97F82028}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{525496F0-B375-4004-B289-44DC28CF858E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{5255970B-2FFD-4283-BCF5-FF0328B8AC9E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5284E6AE-DDF6-4A30-9B4B-D49EF6231ED7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5358A823-717B-4222-9FBF-522B056734B4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{53A107A3-2BE4-47C6-AD35-479922F54C67}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe | "{5484CC9D-5251-43FE-BDD9-5F953492AD34}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{55D84FF3-E1F5-4B9A-BE1D-DAB504E1D47F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{565BED5C-741E-4B94-9B88-0CB6CD4AD9ED}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{5772B82D-F84E-4B05-AC81-BC43D17A3D7E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{59350AF3-B47B-44BA-B645-FC532A09895D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A2817A6-0E6C-4120-8D74-B923C3C0A727}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A39F03B-B7DA-4D98-B782-238C642D18D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A8D1980-74C7-4013-97E3-2BBDBD290B30}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5A9C8D18-E392-4A12-818A-BD0D45871808}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5B41DED6-0319-4C56-8CEE-7714905710D9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5B7C9111-E680-409C-BEF0-DA37071EBDCF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5C03DA7B-B420-429E-9572-2B612BCB2B4F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5CFDF149-AC61-4BBA-ABAC-1F72793F2AA5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5D0FC86A-C34E-49FD-B28C-424CBC892200}" = dir=in | app=c:\program 
files\skype\phone\skype.exe | "{5E789807-1F18-4326-B355-D82E97404D2A}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe | "{5EC75C26-FDC7-484A-8FE4-658E2E79F71C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5F09312A-3FD8-4205-AF95-0625EAB6F76D}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe | "{5F284DA6-12C2-4335-8144-2C145744E635}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6117CFB4-8682-4C71-84C2-7A98239E9D2E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{61546535-769C-4BF7-9B6C-25CCC08A9F9C}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe | "{64211715-536E-4854-9819-9880120B12DA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{656B9DA3-5976-494F-ABFB-77CF6FA62B17}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{65B04F0D-27E4-4C0B-99BE-E6B5D5BE7289}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{672AF4D4-94C9-4828-8DE0-70F7E9301200}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{673E807E-D11B-4FDD-A7FA-C8D96D326BE4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{676F4BB8-30EA-434A-9930-DEE4B8FF8BF3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{67CF4C29-C48A-4F8C-BE9D-0F4242177937}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{680570CD-F772-44A8-8762-01A7BFE651E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{683BDCA7-0F80-4FC2-9F06-926DB068F941}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{688F7904-E2EF-43B4-978F-9D28953820C8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6AE7EB59-9AC5-43F1-91AC-ED773371BB16}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6BCE47BE-E88A-4251-883B-84B5156F1EC6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6CED7DB6-5D1D-45D4-8595-A75B294A56AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6D894EDB-529D-4499-B454-DB75E90195F9}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6E36326D-8651-41FC-8618-8E35522D3531}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{6E814916-09E4-410A-8469-AB2738D4137B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6E9557E0-6589-4CC7-86F5-0CE6E15AC6E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7084D282-E9C9-4D72-8D37-3F322175F311}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{71D0C10B-B6A6-4CD2-8450-ABA841224464}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7526F5FD-0222-4396-B288-48E1747C0338}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{78A47DBA-C959-4D45-A5EC-3F5A7FDB95F8}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe | "{78C62DA8-AEC4-4B9F-A375-8FD2FD422423}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{78F3EFB5-0D6D-4E66-A8D8-A1F6FDDA1DD4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7A152564-7435-431F-981A-078851FA984F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe | "{7D083521-B7AE-4040-AF5B-E2F7301F6D32}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7ECC2243-E41D-432E-BABC-E62C016BD6C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{7F5E5DBA-EE6D-46C7-A4DC-B12E8CF399D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{80F0F764-11F1-4FF3-A28B-A0F5066645A8}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe | "{80F63964-A01D-40CE-85A7-FBB86D960AD0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8131910B-D167-4845-B3C1-F9C4DA804450}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{814B1953-9142-4E30-864A-BDD58CA62AE8}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avnotify.exe | "{81AC29F5-A991-4339-9013-EDFCB18CE989}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{81D0D65D-04F5-4CB2-A53E-4C8EEF89668A}" 
= dir=in | app=c:\program files\skype\phone\skype.exe | "{81ECD401-6E23-491D-BDCD-94B926C0BBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{81F9BAA8-61C9-423A-B1E9-3BA007DF9285}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8349D6C6-1A13-4971-BAD2-CDE89BC088B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{84AC363E-95E2-4425-B582-1C8CD0F0EA0D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{857EBEAA-CC55-4C10-BED4-97A5B9F624BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8599F8BB-33DB-4C9C-8C6E-DD1F3FF519EE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{85D5E65E-CF64-4288-9983-F13BB465DB2D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{86AEF994-1355-4704-BA35-A8A39E8EE71D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{86EFBDC4-4FBC-4381-B2BE-9EDF39FF8CDD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{86F8F91D-6EDA-481F-BBCF-EEF834D442BF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{87F0F8D8-470F-4637-9C50-941C48AF8956}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8989AB21-2B3E-4D72-BB2A-83444F18F4A8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A436F83-96FB-426F-B824-C53AAE268A29}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8A44861C-ABFD-491D-833B-3A8D53CCA978}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B4E8596-0814-403D-9A71-6D847224604D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8B50ACA6-E4FB-47E9-BBA8-A3DBB1679A46}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8DEAE656-BA92-4D40-808B-CD8034870CA2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8EAEE59C-FA47-4E30-9884-64E39E744D04}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8F64A7A9-0C29-49BD-B49A-ABED491ADF39}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8FA5D648-6745-4DB7-89B5-47FD0604BE0D}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{8FE15D00-EAB5-4955-9E0A-F5FD2046449F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{90600480-45E5-4254-A2F6-7F6FFE3D95C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{90BD3FDC-1E4E-4623-93E3-905F39D77F5A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{90F4B81F-E86E-4164-AF22-D369ED341543}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{91A6B1E7-395E-4C64-961D-5EFDDAFEE6F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{920518AB-BF44-4B63-A3F1-1CC87180979C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{93747CEC-A83A-4652-8146-7BC2B71BF50C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{94F0523A-A87E-401E-840A-C41869897D25}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avadmin.exe | "{94F118D9-5EE5-47D7-9EB9-92795D3FC83F}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{95C820C8-7610-4E24-B44C-40E76CE1FD0C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{96E75D12-AFBF-48E2-A25C-7BD73E364DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{976B6EB1-5468-4A31-BEDF-B9A99B4E168F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9844BE0E-4C55-4856-AA8A-06C9576BA59A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{999D164B-8977-472D-859C-9B266291F1C0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9A86F506-08D5-438A-8C8B-DCA59F5B75CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9AB1DC3B-D4E6-40C5-AECA-8D0A55D559FF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9B698944-6B3F-456E-B398-56FC0C31E4D4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9CABC77E-0E23-4F71-9012-C344999C2DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9CF0C686-6330-421A-9E75-AC25FE419D9E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9D75FF5F-C5E3-4404-B096-C8A27B2F54C8}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9DD17C98-BFC5-441C-9152-212654D3E356}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9E738746-8324-481F-BAC6-15CE9223950C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A0CC4871-4C8C-4A83-B610-71455693AA93}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A15C5149-EA8B-49C0-A96C-33A09ACC47F7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A2F96852-52C3-40B2-AB31-9C8C6B8164AF}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A325C812-8E52-4954-9C0A-78607EBDDE62}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A44C0A6B-DA06-4843-B4D4-93AF433BE459}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A5FFDC9C-71F0-4498-956A-B3B724370AED}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A618C747-FA6C-408C-A621-38667A9B5300}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A7CFE538-8E6F-4A41-B807-839B21023CA7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A8351F9D-23D3-48D9-94D3-BB1875D71A7F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{A8D09748-0909-41D7-AF0E-98A0DF829A2B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{A9319D45-80C6-4DBC-9324-7484FF5D82C6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AA755479-752B-4799-9ADE-98284FB55229}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AB4A6D17-2086-4DB0-8E71-63068969028D}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\avconfig.exe | "{AC0B4FA2-60E1-43A2-8FE8-7AA409E080DB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{ACB88B41-6396-4DCD-BE93-A58154681327}" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe | "{AE3976A0-9923-4747-B41C-9CF93BB79982}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AE4E3828-0E1B-40CE-9AEE-2B4AEDF16952}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AF547FFD-8363-42EF-84B1-92E74A38BBE6}" = dir=in | app=c:\program 
files\skype\phone\skype.exe | "{AFEA6517-409A-41A1-BD0A-D9AB2B070EA8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AFF3DA96-5DC2-450F-932A-22D14928293E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B20898B0-A82E-40B1-8B49-7D56B702D69D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B33794BE-99BF-4A96-A9C9-6CEF581EAA9A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B34D5974-AC2B-4412-8DCF-1C4CA39DDAAA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B4A2C8C2-AA8E-4E15-AB43-88B7A54BBE63}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B5F4B6A1-5FDC-4EAD-8144-FEC1C00D3C97}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B8F348F2-A3F0-46E2-AC82-057C80D9CC41}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{B9F2C234-AC1F-4710-B977-8B7EEC2E588A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BB35EF20-C1B8-4F0C-83B2-869A4FC0A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BB692082-E15D-4953-A7A6-D9F302602D2F}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\avcenter.exe | "{BBC90554-C0A7-4D3C-857E-BA1E85476C9D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BC74279A-805B-4A0E-8493-35B96CFF32E2}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\tvnserver.exe | "{BCCD581C-9136-49B3-AE2F-2A930827C799}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BD9DC12C-3595-455F-A7F4-DD9E595C923F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BF76E66D-4E85-41AC-ABFE-37BE3397D3AD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BFCDB868-973A-47AE-9F7D-B4678D9472EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C014EC5F-2830-4CE4-BB3E-362F89F0E9E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C0EDE5E7-E9E5-4069-990F-1D94250F18AA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C1E2D1ED-0E0A-4D5E-96CC-D000DC9AA2F5}" = dir=in | 
app=c:\program files\skype\phone\skype.exe | "{C22A0AB0-1023-4AE7-9F8E-B62EDC979696}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C38BB0A1-4BA8-4801-A86F-9E7B0713EA95}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C447F085-6412-43F4-A609-C52B6855900F}" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\vncviewer.exe | "{C5789609-2985-42BA-A4CC-8C9CB9D387EA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C65324D3-2173-409F-B9B2-9EAFB9BC7C85}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C688B505-13DE-4584-A115-6D8FE0F0521F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C84B7748-7FF2-4616-8ACC-4D58E1D868FC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C99DE429-1681-4C96-9A21-608815D76334}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{C9BAD5CF-5D55-46A2-B3C1-C30DAD4332B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CAD1F7DB-255F-4CC9-B25A-FC5CE070ACD7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CBD9DCF6-0DB8-41E3-99D4-82D6DDB476B3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CC1E0228-F2C7-46F3-9888-ECFD3E07CEF3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CD042056-2A99-4BEC-B6E3-B5784ECACCDA}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CF18AA71-E583-4A97-8257-FD90876FA02F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{CFA000AD-4471-4C43-89DB-C383E999FC6B}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D04E7D16-BF87-4B36-9815-C7B52607B877}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D2E59F70-8065-4FA8-BC77-9D8808088DA3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D361B41C-8285-4C1A-A564-F22CAEC8235F}" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "{D4384AB6-9253-4749-B865-E3E6F5CE41D6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D4BF1575-501F-44D4-A0DD-021A7A0C3796}" = 
dir=in | app=c:\program files\skype\phone\skype.exe | "{D4D69EB0-4718-4FBC-920D-13930CEA41C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D4F11F0B-7627-44B7-A9F4-37A4C467D295}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D51960D7-4430-4C98-9B1B-798CD3CDE756}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D5871AEC-6649-4468-BE8B-FAC42D740DB6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D5F1B9D9-3685-48DB-AB72-D8172208FC75}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{D719AEC1-4DAF-423F-826A-869447A3FAE1}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\wsctool.exe | "{D7324767-CB19-4FE1-A508-9979E9D86340}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D86D77DF-16F0-422C-AF14-5D5FB8274CAB}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe | "{D91816AC-3692-4C1B-8CA6-BD2527A58088}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{D953AC39-D431-4902-ADA7-2424B163856C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DA64409D-7BDD-41A8-9A7A-3E257262B0CB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DCA2DF3C-9C62-44AA-B6E6-BD16382D07E2}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DCE32E5E-58D5-49B6-9D14-1950C4DA6D05}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DD7406FC-D436-46D3-A370-FE701B58DABF}" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "{DD9B18EF-E7D0-42AE-B328-FA653606F846}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DDAACEC5-160C-43E0-AB96-F385ECA00E5A}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DE11A0A4-D448-4A27-9BD8-080B93A67A1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{DE34EDD9-11FA-4A7B-B40F-BA7D9393CC4C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DF9C28CE-5290-4FA0-A558-709837F61024}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related 
designs\anno 1404\tools\anno4web.exe | "{DFCC54CA-E166-438F-911F-37745FBF2413}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E4780CEC-EBD9-46A6-A116-7092934C59E3}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E5DC6218-E861-4F30-98E6-3D4349F13B0F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E63C76CA-1B69-4F12-9B3E-7153A7D6E78D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EB00DF19-B60F-4922-9180-16B8B1BE0FB7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EF7E42CF-2472-4939-AFC6-2E73E499D567}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EF8F44A1-75F0-4731-A2B8-F65D268863CE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F02F7A42-F695-45DA-A647-FADEFBD44668}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F0AADB0D-2C4E-4669-95AD-5A6FFAE84341}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F0C612DB-2DDF-4064-97C6-6F94150231E0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F417D31F-EF8D-4E0D-8DFA-0ECE3CB87DA1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F4CDE4ED-77F3-46ED-9457-BC70989E682F}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F646C45C-53A1-412E-A271-ECBF30ED66A7}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F7E95C23-16E6-417F-8A0A-7AC44D66CDDE}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F80DBEF5-4C33-4BBA-BDC9-9DE401CA119D}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | "{FB2889FC-0612-44DE-B800-10EFA48D3A46}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FD40217F-34B1-4C53-B95A-D21236EF2BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FDEC9A9E-0A69-413A-A6AE-AC7D3D43C02C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{FE6D4125-9524-411A-A59C-A85184AAC94D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FED21B9F-C613-4738-A20B-C5782F6DB01D}" = 
dir=in | app=c:\program files\skype\phone\skype.exe | "{FF3E28AA-D4F1-49E6-AC49-3BE9A9126D6E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{FF9DCA66-F4CE-4FB6-8007-3A29A800130C}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "TCP Query User{4CF20855-4AE1-4676-812B-77E4BF34E0BB}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{52146F77-6A0A-43E3-9F5E-B3A826CFE536}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe | "TCP Query User{54EB5727-E238-44CC-B80F-3C731CA98943}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | "TCP Query User{65E06B44-6FF2-48C0-A6A1-11F98EA47DB8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{74D2C53C-91E2-4A1C-8DD2-13DA2297DEB3}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{EB38ABBE-3029-4297-A505-D8FDC190A11E}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe | "UDP Query User{7EF970AD-4BB1-4FD9-BF14-586025D48CF8}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | "UDP Query User{94178D2D-CAEB-48F7-AC20-0DDAB2E47407}C:\users\carina\appdata\local\crossloop\crossloopconnect.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\crossloop\crossloopconnect.exe | "UDP Query User{9C2E54DE-F01F-41FD-8E7D-683663434B17}C:\users\carina\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\carina\appdata\local\google\chrome\application\chrome.exe | "UDP Query 
User{9ED703EC-1F42-4E0B-BA00-82D2DB095998}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{A65CA608-39C9-4965-AE47-17D826173196}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{C0BE0C38-343B-446C-8E6D-C4F844CB79AE}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series" = Canon MG4100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{41D4A454-9DF4-4299-8C30-1BBA753E83E1}" = Polar WebSync
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F753314-628E-4C13-B8AE-BFA7FD514CBE}" = D-Link Wireless G DWL-G122_DWA-110
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_PROPLUS_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_PROPLUS_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_PROPLUS_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96056420-DDF3-46A7-AA8D-BC2D1AE5290B}" = Microsoft IntelliType Pro 8.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1" = Artweaver 1.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7904C62-0B90-4830-AA5D-5192F88FD6EB}" = Carl Zeiss AxioVision Rel. 4.8.2
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint 2.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BIPA FotoShop" = BIPA FotoShop
"CrossLoop_is1" = CrossLoop 2.81
"DivX Setup.divx.com" = DivX-Setup
"Foxit Reader" = Foxit Reader
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"GetASFStream" = GetASFStream
"HappyFoto-Designer_is1" = HappyFoto-Designer
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"ilividtoolbargaw" = Search-Results Toolbar
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.10.1652" = Opera 12.10
"PhotoScape" = PhotoScape
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PROPLUS" = Microsoft Office Professional Plus 2007
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeamViewer 8" = TeamViewer 8
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"Google Chrome" = Google Chrome
"START2" = START2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02.05.2013 13:37:09 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 02.05.2013 13:54:31 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.05.2013 01:39:01 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.05.2013 09:47:14 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.05.2013 11:00:30 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.05.2013 13:21:26 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 01:47:45 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:07:36 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =
Error - 15.05.2013 10:36:04 | Computer Name = Carina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: pctsSvc.exe, Version: 9.1.0.2894, Zeitstempel: 0x509054e5 Name des fehlerhaften Moduls: rtl100.bpl, Version: 11.0.2902.10471, Zeitstempel: 0x475fc385 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a264 ID des fehlerhaften Prozesses: 0xe08 Startzeit der fehlerhaften Anwendung: 0x01ce51781e68d30f Pfad der fehlerhaften Anwendung: C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe Pfad des fehlerhaften Moduls: C:\Program Files\PC Tools\PC Tools Security\rtl100.bpl Berichtskennung: c54c35fa-bd6c-11e2-b38d-00261812d1fc
Error - 15.05.2013 10:38:59 | Computer Name = Carina-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 04.02.2010 03:33:56 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 08:33:49 - Fehler beim Herstellen der Internetverbindung. 08:33:49 - Serververbindung konnte nicht hergestellt werden..
Error - 04.02.2010 16:23:53 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 21:23:52 - Fehler beim Herstellen der Internetverbindung. 21:23:52 - Serververbindung konnte nicht hergestellt werden..
Error - 05.02.2010 04:59:32 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 09:59:29 - Fehler beim Herstellen der Internetverbindung. 09:59:29 - Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:20 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:19 - Fehler beim Herstellen der Internetverbindung. 23:27:19 - Serververbindung konnte nicht hergestellt werden..
Error - 13.02.2010 18:27:28 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 23:27:25 - Fehler beim Herstellen der Internetverbindung. 23:27:25 - Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 06:08:07 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0
Description = 11:08:04 - Fehler beim Herstellen der Internetverbindung. 11:08:04 - Serververbindung konnte nicht hergestellt werden..
Error - 16.02.2010 17:34:46 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0 Description = 22:34:46 - Fehler beim Herstellen der Internetverbindung. 22:34:46 - Serververbindung konnte nicht hergestellt werden.. Error - 16.02.2010 17:34:54 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0 Description = 22:34:51 - Fehler beim Herstellen der Internetverbindung. 22:34:51 - Serververbindung konnte nicht hergestellt werden.. Error - 16.02.2010 18:50:08 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0 Description = 23:50:08 - Fehler beim Herstellen der Internetverbindung. 23:50:08 - Serververbindung konnte nicht hergestellt werden.. Error - 16.02.2010 18:50:14 | Computer Name = Carina-PC | Source = MCUpdate | ID = 0 Description = 23:50:13 - Fehler beim Herstellen der Internetverbindung. 23:50:13 - Serververbindung konnte nicht hergestellt werden.. [ OSession Events ] Error - 27.02.2011 08:39:21 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 27.02.2011 10:29:18 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 01.04.2011 03:31:12 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 01.05.2011 14:41:15 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 01.05.2011 16:24:06 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 29.07.2011 07:31:42 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2820 seconds with 2640 seconds of active time. This session ended with a crash. Error - 31.07.2011 16:59:34 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1285 seconds with 1140 seconds of active time. This session ended with a crash. Error - 29.12.2011 11:30:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash. Error - 30.03.2012 08:20:09 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 6362 seconds with 0 seconds of active time. This session ended with a crash. Error - 03.04.2012 17:20:10 | Computer Name = Carina-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16657 seconds with 60 seconds of active time. This session ended with a crash. [ System Events ] Error - 13.05.2013 11:56:30 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "System" den Befehl "chkdsk" aus. Error - 13.05.2013 11:56:42 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5 Description = Error - 13.05.2013 11:56:49 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5 Description = Error - 13.05.2013 11:57:02 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "System" den Befehl "chkdsk" aus. Error - 13.05.2013 11:57:14 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5 Description = Error - 13.05.2013 11:57:21 | Computer Name = Carina-PC | Source = Microsoft-Windows-Kernel-General | ID = 5 Description = Error - 13.05.2013 11:57:34 | Computer Name = Carina-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "System" den Befehl "chkdsk" aus. Error - 15.05.2013 10:13:12 | Computer Name = Carina-PC | Source = Service Control Manager | ID = 7030 Description = Der Dienst "Datamngr Coordinator" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. 
Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960 Description = Error - 15.05.2013 10:26:27 | Computer Name = Carina-PC | Source = PCTCore | ID = 327960 Description = < End of report > Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-05-15 17:36:36 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-65A7B2 rev.01.03B01 596,17GB Running: gmer_2.1.19163.exe; Driver: C:\Users\Carina\AppData\Local\Temp\awlirpod.sys ---- System - GMER 2.1 ---- SSDT 912882A6 ZwCreateSection SSDT 912882B0 ZwRequestWaitReplyPort SSDT 912882AB ZwSetContextThread SSDT 912882B5 ZwSetSecurityObject SSDT 912882BA ZwSystemDebugControl SSDT 91288247 ZwTerminateProcess SSDT \SystemRoot\system32\ntkrnlpa.exe ZwCreateKey [0x83041FEC] SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FEC] ZwCreateKey [0x83041FEC] SSDT \SystemRoot\system32\ntkrnlpa.exe ZwOpenKey [0x83041FF1] SSDT \SystemRoot\system32\ntkrnlpa.exe[unknown section] [83041FF1] ZwOpenKey [0x83041FF1] INT 0x03 \SystemRoot\system32\ntkrnlpa.exe[unknown section] 83041FF6 ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 8307EA09 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B81F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 830BF314 3 Bytes [EC, 1F, 04] .text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 830BF34C 4 Bytes [A6, 82, 28, 91] {CMPSB ; SUB BYTE [EAX], 0x91} .text ntkrnlpa.exe!KeRemoveQueueEx + 137F 830BF4D4 3 Bytes [F1, 1F, 04] .text ntkrnlpa.exe!KeRemoveQueueEx + 1553 830BF6A8 4 Bytes [B0, 82, 28, 91] .text ntkrnlpa.exe!KeRemoveQueueEx + 1597 830BF6EC 4 Bytes [AB, 82, 28, 91] {STOSD ; SUB BYTE [EAX], 0x91} .text ... 
.text C:\Windows\system32\drivers\aksfridge.sys section is writeable [0xA4206000, 0x47E35, 0xE0000020] .init C:\Windows\system32\drivers\aksfridge.sys entry point in ".init" section [0xA425A224] .init C:\Windows\system32\drivers\aksfridge.sys unknown last code section [0xA425A000, 0x4000, 0xE20000E0] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xA425E300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\drivers\hardlock.sys section is writeable [0xA42A1400, 0x6E6E2, 0xE8000020] .protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820] C:\Windows\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xA432B820] .protectÿÿÿÿhardlockunknown last code section [0xA432B600, 0x512A, 0xE0000020] C:\Windows\system32\drivers\hardlock.sys unknown last code section [0xA432B600, 0x512A, 0xE0000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xA4331300, 0x1BEE, 0xE8000020] ---- Devices - GMER 2.1 ---- AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys ---- EOF - GMER 2.1 ---- LG Richard |
15.05.2013, 17:09 | #2 |
/// TB-Ausbilder | searchnu.com/406?... in IE Firefox and Chrome !! Note to readers !! This thread and its instructions are intended only for this specific case. They could seriously damage other computers. Please open your own thread. I will help you with your problem. The cleanup only works if you follow these rules: Please read: Rules for the cleanup
Step 1: (Reminder: reply to me only once you have worked through all the steps!) Uninstalling programs
Step 2: AdwCleaner: find and delete adware. Please download AdwCleaner to your desktop.
Step 3: Scan with DDS+ (with attach). Please download DDS (by sUBs) and save the file to your desktop.
__________________ |
15.05.2013, 17:47 | #3 |
| searchnu.com/406?... in IE Firefox and Chrome OK, I have carried out all the steps:
__________________Step 1: deleted everything that looked in any way like a toolbar + went through the programs in the list. Step 2: ran adwcleaner.exe, and here is the result: Code:
ATTFilter # AdwCleaner v2.300 - Datei am 15/05/2013 um 18:32:29 erstellt # Aktualisiert am 28/04/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits) # Benutzer : Carina - CARINA-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\Carina\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\searchplugins\icqplugin.xml Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\searchplugins\icqplugin-1.xml Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\searchplugins\icqplugin-2.xml Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\searchplugins\icqplugin-3.xml Datei Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\searchplugins\Search_Results.xml Gelöscht mit Neustart : C:\Users\Carina\AppData\Local\Temp\Zynga Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Program Files\ICQ6Toolbar Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar Ordner Gelöscht : C:\Users\Carina\AppData\LocalLow\boost_interprocess Ordner Gelöscht : C:\Users\Carina\AppData\LocalLow\searchresultstb Ordner Gelöscht : C:\Users\Carina\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\Conduit ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\ilivid Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\iLividSRTB Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}] ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16576 Ersetzt : 
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406?appid=484 --> hxxp://www.google.com -\\ Mozilla Firefox v15.0.1 (de) Datei : C:\Users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\prefs.js Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Gelöscht : user_pref("CT2438727.CTID", "CT2438727"); Gelöscht : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0"); Gelöscht : user_pref("CT2438727.CurrentServerDate", "20-2-2011"); Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR"); Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", ""); Gelöscht : user_pref("CT2438727.FirstServerDate", "20-2-2011"); Gelöscht : user_pref("CT2438727.FirstTime", true); Gelöscht : user_pref("CT2438727.FirstTimeFF3", true); Gelöscht : user_pref("CT2438727.FirstTimeSettingsDone", true); Gelöscht : user_pref("CT2438727.FixPageNotFoundErrors", true); Gelöscht : user_pref("CT2438727.GroupingInvalidateCache", false); Gelöscht : user_pref("CT2438727.GroupingLastCheckTime", "0"); Gelöscht : user_pref("CT2438727.GroupingLastServerUpdateTime", "0"); Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440); Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Gelöscht : user_pref("CT2438727.Initialize", true); Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true); Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 2); Gelöscht : user_pref("CT2438727.InstalledDate", "Sat Feb 19 2011 22:41:09 GMT+0100"); Gelöscht : user_pref("CT2438727.InvalidateCache", false); Gelöscht : user_pref("CT2438727.IsGrouping", false); Gelöscht : user_pref("CT2438727.IsMulticommunity", false); Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true); Gelöscht 
: user_pref("CT2438727.IsOpenUninstallPage", true); Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Sat Feb 19 2011 22:41:09 GMT+0100"); Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440); Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Gelöscht : user_pref("CT2438727.LastLogin_2.7.1.3", "Sun Feb 20 2011 10:31:32 GMT+0100"); Gelöscht : user_pref("CT2438727.LatestVersion", "2.7.1.3"); Gelöscht : user_pref("CT2438727.Locale", "en"); Gelöscht : user_pref("CT2438727.LoginCache", 4); Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83"); Gelöscht : user_pref("CT2438727.MCDetectTooltipShow", false); Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295"); Gelöscht : user_pref("CT2438727.RadioLastCheckTime", "0"); Gelöscht : user_pref("CT2438727.RadioLastUpdateIPServer", "0"); Gelöscht : user_pref("CT2438727.RadioLastUpdateServer", "0"); Gelöscht : user_pref("CT2438727.SearchBoxWidth", 100); Gelöscht : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true); Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...] Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true); Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440); Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sat Feb 19 2011 22:41:13 GMT+0100"); Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] 
Gelöscht : user_pref("CT2438727.SearchInNewTabUserEnabled", false); Gelöscht : user_pref("CT2438727.SettingsCheckIntervalMin", 120); Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Sun Feb 20 2011 12:36:09 GMT+0100"); Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1298199977"); Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504); Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Sat Feb 19 2011 22:41:08 GMT+0100"); Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578"); Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Gelöscht : user_pref("CT2438727.UserID", "UN41013196444286604"); Gelöscht : user_pref("CT2438727.ValidationData_Toolbar", 2); Gelöscht : user_pref("CT2438727.alertChannelId", "832836"); Gelöscht : user_pref("CT2438727.backendstorage.currentgame", "6661726D"); Gelöscht : user_pref("CT2438727.clientLogIsEnabled", true); Gelöscht : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Gelöscht : user_pref("CT2438727.myStuffEnabled", true); Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400); Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440); Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Gelöscht : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://go.gmx.net/tb/mff_keyurl_search/?[...] 
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2438727"); Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727"); Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Feb 20 2011 10:33:44 GMT+0100"); Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Gelöscht : user_pref("CommunityToolbar.alert.locale", "en"); Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Feb 19 2011 22:41:08 GMT+0100"); Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234"); Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", true); Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Gelöscht : user_pref("CommunityToolbar.alert.userId", "{b293320d-f0f1-4a47-abe1-20de4352b7b4}"); Gelöscht : user_pref("browser.search.defaultenginename", "Search Results"); Gelöscht : user_pref("browser.search.order.1", "Search Results"); Gelöscht : user_pref("browser.search.selectedEngine", "Search Results"); Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406?appid=484"); Gelöscht : user_pref("icqtoolbar.allowSendURL", false); Gelöscht : user_pref("icqtoolbar.engineVerified", true); Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options"); Gelöscht : user_pref("icqtoolbar.history", "e-mails%20anrede||e-mails%20begr%C3%BC%C3%9Fung||e-mails%20begr%C3%[...] 
Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0); Gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.5.8"); Gelöscht : user_pref("icqtoolbar.skip_default_search", "no"); Gelöscht : user_pref("icqtoolbar.suggestions", false); Gelöscht : user_pref("icqtoolbar.uninstStatSent", true); Gelöscht : user_pref("icqtoolbar.uniqueID", "125105197912510519721251063546467"); Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1268326245); Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false); Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de"); -\\ Google Chrome v26.0.1410.64 Datei : C:\Users\Carina\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.64] : search_url = "hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=484&systemid=406&apn_uid=[...] Gelöscht [l.2259] : homepage = "hxxp://www.searchnu.com/406?appid=484", Gelöscht [l.2849] : urls_to_restore_on_startup = [ "hxxp://www.searchnu.com/406?appid=484" ] -\\ Opera v12.10.1652.0 Datei : C:\Users\Carina\AppData\Roaming\Opera\Opera\operaprefs.ini Gelöscht : Home URL=hxxp://www.searchnu.com/406?appid=484 ************************* AdwCleaner[S1].txt - [12607 octets] - [15/05/2013 18:32:29] ########## EOF - C:\AdwCleaner[S1].txt - [12668 octets] ########## DDS ausgeführt und die Ergebnisse: DDS Logfile: DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16576 Run by Carina at 18:39:10 on 2013-05-15 #Option MBR scan is disabled. Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3583.2292 [GMT 2:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\ANIWConnService.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Polar\WebSync\WebSync.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program 
Files\Bonjour\mDNSResponder.exe C:\Users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe C:\Windows\system32\hasplms.exe C:\Program Files\Carl Zeiss\MTB 2004 - 1.8.0.7\MTB Server Console\MTBService.exe C:\Program Files\Polar\Daemon\polard.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k secsvcs . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com uDefault_Page_URL = hxxp://www.pgv.at/ uURLSearchHooks: <No Name>: - LocalServer32 - <no file> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [Google Update] "c:\users\carina\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [AutoEJCD_0ACE20FF] c:\program files\autoinstall\zd1211b_auto_install_cd_only_gen_0ace20ff\AutoEJCD.EXE /VID=0ACE /PID=20FF mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe mRun: [D-Link D-Link Wireless G DWL-G122_DWA-110] c:\program files\d-link\dwl-g122_dwa-110\AirGCFG.exe mRun: [WZCSLDR2] c:\program files\d-link\dwl-g122_dwa-110\WZCSLDR2.exe mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application 
support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\polarw~1.lnk - c:\program files\polar\websync\WebSync.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 mPolicies-System: SoftwareSASGeneration = dword:3 IE: Free YouTube to MP3 Converter - c:\users\carina\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6.5\ICQ.exe IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe TCP: NameServer = 212.186.211.21 195.34.133.21 TCP: Interfaces\{203359B1-567A-441C-99C6-9D3BC5C51AB0} : DHCPNameServer = 195.34.133.21 212.186.211.21 TCP: Interfaces\{82C712C0-9AE2-46F6-A0EE-896FAA65FBE4} : DHCPNameServer = 195.34.133.21 212.186.211.21 TCP: Interfaces\{BF9D0D85-E383-4060-85D9-F202E52D71CE} : DHCPNameServer = 212.186.211.21 195.34.133.21 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll AppInit_DLLs= SSODL: WebCheck - <orphaned> . 
================= FIREFOX =================== . FF - ProfilePath - c:\users\carina\appdata\roaming\mozilla\firefox\profiles\1eak1nx7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\users\carina\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ============= SERVICES / DRIVERS =============== . 
R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\drivers\anodlwf.sys [2010-9-20 12800] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-4-4 37352] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [2010-9-20 151552] R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2013-4-4 86752] R2 AntiVirService;Avira Echtzeit-Scanner;c:\program files\avira\antivir desktop\avguard.exe [2013-4-4 110816] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-4-4 84744] R2 CrossLoopService;CrossLoop Service;c:\users\carina\appdata\local\crossloop\CrossLoopService.exe [2012-4-6 569072] R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?] R2 MTBService_1.8.0.7;MTB2004 Server (1.8.0.7);c:\program files\carl zeiss\mtb 2004 - 1.8.0.7\mtb server console\MTBService.exe [2010-5-11 20480] R2 Polar Daemon;Polar Daemon;c:\program files\polar\daemon\polard.exe [2012-8-17 413184] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264] R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-1-13 3560288] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\drivers\athrusb.sys [2007-1-8 891392] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\Dnetr28u.sys [2010-9-20 750592] S3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-10 52224] S3 tvnserver;TightVNC Server;c:\users\carina\appdata\local\crossloop\tvnserver.exe [2012-4-6 814080] S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-24 1343400] . =============== Created Last 30 ================ . 2013-05-15 14:24:34 -------- d-----w- c:\program files\PC Tools 2013-05-15 14:22:06 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys 2013-05-15 14:22:06 -------- d-----w- c:\program files\common files\PC Tools 2013-05-15 14:21:49 -------- d-----w- c:\programdata\PC Tools 2013-05-15 14:21:48 -------- d-----w- c:\users\carina\appdata\roaming\TestApp 2013-05-15 14:15:35 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{471311cb-ca00-4948-b316-9a789ce24363}\mpengine.dll 2013-05-15 05:56:49 40960 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-05-15 05:56:49 186368 ----a-w- c:\windows\system32\wwansvc.dll 2013-05-15 05:56:48 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-05-15 05:56:27 47104 ----a-w- c:\windows\system32\appinfo.dll 2013-05-15 05:56:27 1796096 ----a-w- c:\windows\system32\authui.dll 2013-05-15 05:56:27 101720 ----a-w- c:\windows\system32\consent.exe 2013-05-15 05:56:19 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-15 05:56:19 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-05-13 15:05:57 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-04-29 14:37:19 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-24 15:03:07 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-04-24 15:03:07 -------- d-----w- c:\program files\iTunes 2013-04-24 15:03:07 -------- d-----w- c:\program files\iPod . ==================== Find3M ==================== . 
2013-05-15 16:29:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-15 16:29:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-05 05:28:24 1767424 ----a-w- c:\windows\system32\wininet.dll 2013-04-05 05:26:26 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-04-05 05:26:21 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-04-05 05:26:21 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-04-05 04:29:45 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-04-05 03:38:25 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-04-05 00:50:27 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-04-04 14:28:33 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-04-04 14:28:33 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe 2013-03-13 10:37:21 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-03-13 10:37:21 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-02-25 22:22:36 1985824 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-25 22:22:36 1017120 ----a-w- c:\windows\system32\nvdispco32.dll 2013-02-25 22:22:34 6262608 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-25 22:22:32 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-02-25 22:22:32 2505144 ----a-w- c:\windows\system32\nvapi.dll 2013-02-25 22:22:32 12641992 ----a-w- c:\windows\system32\nvwgf2um.dll 2013-02-25 22:22:30 15129960 ----a-w- c:\windows\system32\nvd3dum.dll 2013-02-25 22:22:26 7932256 ----a-w- 
c:\windows\system32\nvcuda.dll 2013-02-25 22:22:22 17560352 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-25 22:22:08 20449056 ----a-w- c:\windows\system32\nvoglv32.dll 2013-02-25 22:22:06 8939296 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-02-25 22:22:06 2720544 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-15 04:37:10 3217408 ----a-w- c:\windows\system32\mstscax.dll 2013-02-15 04:34:10 131584 ----a-w- c:\windows\system32\aaclient.dll 2013-02-15 03:25:51 36864 ----a-w- c:\windows\system32\tsgqec.dll . ============= FINISH: 18:40:03,61 =============== --- --- --- Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 29.10.2009 14:02:50 System Uptime: 15.05.2013 18:34:05 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | P5QL-ASUS-SE Processor: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz | LGA775 | 3166/333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 596 GiB total, 400,54 GiB free. D: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP461: 10.09.2012 20:33:13 - Windows-Sicherung RP462: 12.09.2012 00:37:22 - Windows Update RP463: 13.09.2012 17:06:14 - Windows Update RP465: 24.09.2012 20:22:36 - Installiert Medieval II Total War RP467: 24.09.2012 20:41:38 - DirectX wurde installiert RP469: 24.09.2012 20:46:06 - Installiert Medieval II Total War : Kingdoms : Americas RP471: 24.09.2012 20:50:25 - Installiert Medieval II Total War : Kingdoms : Britannia RP473: 24.09.2012 20:52:43 - Installiert Medieval II Total War : Kingdoms : Crusades RP475: 24.09.2012 20:56:16 - Installiert Medieval II Total War : Kingdoms : Teutonic RP476: 24.09.2012 23:11:28 - Windows Update RP477: 26.09.2012 18:22:12 - Windows Update RP478: 04.10.2012 18:58:06 - Geplanter Prüfpunkt RP479: 16.10.2012 00:58:29 - Windows Update RP480: 16.10.2012 22:37:13 - Windows-Sicherung RP481: 16.10.2012 22:46:59 - Windows-Sicherung RP482: 27.10.2012 21:49:55 - Geplanter Prüfpunkt RP483: 29.10.2012 00:05:32 - Installed Java(TM) 6 Update 37 RP484: 11.11.2012 23:26:41 - Geplanter Prüfpunkt RP485: 14.11.2012 02:20:50 - Windows Update RP486: 19.11.2012 00:59:04 - Windows Update RP487: 27.11.2012 19:59:32 - Windows Update RP488: 05.12.2012 21:05:25 - Windows-Sicherung RP489: 14.12.2012 08:27:01 - Windows Update RP490: 19.12.2012 
20:37:22 - Removed Bonjour RP491: 19.12.2012 20:44:35 - Windows Update RP492: 21.12.2012 08:09:11 - Windows Update RP493: 10.01.2013 17:55:45 - Windows-Sicherung RP494: 10.01.2013 18:47:38 - Windows Update RP495: 03.02.2013 21:31:41 - Geplanter Prüfpunkt RP496: 11.02.2013 21:21:08 - Geplanter Prüfpunkt RP497: 15.02.2013 10:11:21 - Windows Update RP498: 13.03.2013 11:36:11 - Removed Java(TM) 6 Update 37 RP499: 13.03.2013 11:37:05 - Installed Java 7 Update 17 RP500: 15.03.2013 22:53:01 - Windows Update RP501: 28.03.2013 20:19:15 - Windows Update RP502: 04.04.2013 16:30:25 - Windows Update RP503: 05.04.2013 02:48:15 - Windows Update RP504: 10.04.2013 23:25:23 - Windows Update RP505: 10.04.2013 23:37:36 - Windows Update RP506: 18.04.2013 22:38:22 - Windows Update RP507: 18.04.2013 23:28:51 - Windows Update RP508: 24.04.2013 16:39:42 - Windows Update RP509: 29.04.2013 16:34:35 - Windows Update RP510: 29.04.2013 17:23:23 - Windows Update RP511: 04.05.2013 07:42:21 - Windows Update RP512: 13.05.2013 17:03:25 - Windows Update RP513: 15.05.2013 08:00:54 - Windows Update RP514: 15.05.2013 18:16:00 - Removed Foxit Toolbar. RP515: 15.05.2013 18:17:43 - Removed Foxit Toolbar. RP516: 15.05.2013 18:31:00 - Removed Java 7 Update 17 . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.6) - Deutsch ANIWZCS2 Service ANNO 1404 Apple Application Support Apple Mobile Device Support Apple Software Update Artweaver 1.0 Avira Free Antivirus BIPA FotoShop Bonjour Canon MG4100 series MP Drivers Carl Zeiss AxioVision Rel. 
4.8.2 CrossLoop 2.81 D-Link Wireless G DWL-G122_DWA-110 DivX-Setup DVD Suite EasyBits GO Foxit Reader Free YouTube to MP3 Converter version 3.11.37.1212 GetASFStream GMX Softwareaktualisierung Google Chrome Google Earth Google Update Helper HappyFoto-Designer iCloud ICQ6.5 iPhone-Konfigurationsprogramm iTunes LabelPrint 2.0 MAGIX Foto Designer 7 MediaShow 3.0 Medieval II Total War Medieval II Total War : Kingdoms : Americas Medieval II Total War : Kingdoms : Britannia Medieval II Total War : Kingdoms : Crusades Medieval II Total War : Kingdoms : Teutonic Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Application Error Reporting Microsoft IntelliPoint 8.1 Microsoft IntelliType Pro 8.1 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (German) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MobileMe Control Panel Mozilla Firefox 15.0.1 (x86 de) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) neroxml NVIDIA 3D Vision Treiber 311.06 NVIDIA Grafiktreiber 311.06 NVIDIA Install Application NVIDIA PhysX NVIDIA Stereoscopic 3D Driver NVIDIA Systemsteuerung 311.06 NVIDIA Update 1.11.3 NVIDIA Update Components OGA Notifier 2.0.0048.0 Opera 12.10 PhotoNow! 1.0 PhotoScape Polar Daemon Polar WebSync Power2Go 5.0 PowerDirector Express PowerDVD PowerProducer PVSonyDll QuickTime Realtek AC'97 Audio Realtek High Definition Audio Driver Safari SAMSUNG CDMA Modem Driver Set SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 USB Driver Installer Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for 
Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Skype™ 5.10 Spelling Dictionaries Support For Adobe Reader 8 START2 TeamViewer 8 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 
2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition VC80CRTRedist - 8.0.50727.4053 Windows Live ID-Anmelde-Assistent Windows Media Player Firefox Plugin WinRAR WinZip 16.0 . ==== End Of File =========================== Regards |
15.05.2013, 18:01 | #4 |
/// TB-Ausbilder | searchnu.com/406?... in IE Firefox and Chrome Yes, good so far! Step 1: (Reminder: Do not reply to me until you have worked through all the steps!) Remove Pokerstars as well. Step 2: Turn off Windows Defender Since you are using a different virus scanner, you should urgently turn off Windows' own scanner:
More on the background and on a deeper deactivation: LINK Step 3: Scan with Combofix
__________________ Digital buccaneers against malware! No help via PM! |
15.05.2013, 18:35 | #5 |
| searchnu.com/406?... in IE Firefox and Chrome Whoa, the first problem... Step 1: I can't find anything of Pokerstars anywhere anymore... I already uninstalled it during the first instructions... Step 2: done, including the deeper deactivation Step 3: not done yet because Step 1 is unfinished... Regards |
15.05.2013, 18:43 | #6 |
/// TB-Ausbilder | searchnu.com/406?... in IE Firefox and Chrome We'll kill the leftovers, just carry on.
15.05.2013, 19:08 | #7 |
| searchnu.com/406?... in IE Firefox and Chrome Step 3: Check. Log: Code:
ATTFilter ComboFix 13-05-15.01 - Carina 15.05.2013 19:50:36.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.3583.2454 [GMT 2:00] ausgeführt von:: c:\users\Carina\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Carina\AppData\Roaming\Local c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\c2d1e364840d815d4c984e943307c79c.ddr c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\f6c0fad55b0abc9e399c868ae159586a.ddr c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\c2d1e364840d815d4c984e943307c79c.ddp c:\users\Carina\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f6c0fad55b0abc9e399c868ae159586a c:\users\Carina\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk c:\windows\system32\drivers\~GLH0014.TMP c:\windows\system32\drivers\etc\hosts.ics . . ((((((((((((((((((((((( Dateien erstellt von 2013-04-15 bis 2013-05-15 )))))))))))))))))))))))))))))) . . 2013-05-15 17:55 . 2013-05-15 17:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-05-15 17:55 . 2013-05-15 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-15 14:24 . 2013-05-15 14:24 -------- d-----w- c:\program files\PC Tools 2013-05-15 14:22 . 2013-05-15 14:37 -------- d-----w- c:\program files\Common Files\PC Tools 2013-05-15 14:22 . 2012-11-01 13:35 202280 ----a-w- c:\windows\system32\drivers\PCTSD.sys 2013-05-15 14:21 . 
2013-05-15 14:36 -------- d-----w- c:\programdata\PC Tools 2013-05-15 14:21 . 2013-05-15 14:21 -------- d-----w- c:\users\Carina\AppData\Roaming\TestApp 2013-05-15 14:15 . 2013-05-13 06:19 7016152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{471311CB-CA00-4948-B316-9A789CE24363}\mpengine.dll 2013-05-15 05:56 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll 2013-05-15 05:56 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-05-15 05:56 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-05-15 05:56 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe 2013-05-15 05:56 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll 2013-05-15 05:56 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll 2013-05-15 05:56 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-15 05:56 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-05-13 15:05 . 2013-05-13 15:05 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-04-29 14:37 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-24 15:03 . 2013-04-24 15:04 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-04-24 15:03 . 2013-04-24 15:04 -------- d-----w- c:\program files\iTunes 2013-04-24 15:03 . 2013-04-24 15:03 -------- d-----w- c:\program files\iPod . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-15 16:29 . 2012-04-06 06:49 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-15 16:29 . 2011-05-16 19:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-02 00:06 . 2009-10-04 16:52 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-13 04:45 . 2013-05-15 05:56 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 
2013-05-15 05:56 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-05 00:51 . 2013-04-05 00:51 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-04-05 00:51 . 2013-04-05 00:51 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-04-05 00:51 . 2013-04-05 00:51 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-04-05 00:51 . 2013-04-05 00:51 61952 ----a-w- c:\windows\system32\tdc.ocx 2013-04-05 00:51 . 2013-04-05 00:51 523264 ----a-w- c:\windows\system32\vbscript.dll 2013-04-05 00:51 . 2013-04-05 00:51 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-04-05 00:51 . 2013-04-05 00:51 38400 ----a-w- c:\windows\system32\imgutil.dll 2013-04-05 00:51 . 2013-04-05 00:51 361984 ----a-w- c:\windows\system32\html.iec 2013-04-05 00:51 . 2013-04-05 00:51 23040 ----a-w- c:\windows\system32\licmgr10.dll 2013-04-05 00:51 . 2013-04-05 00:51 185344 ----a-w- c:\windows\system32\elshyph.dll 2013-04-05 00:51 . 2013-04-05 00:51 158720 ----a-w- c:\windows\system32\msls31.dll 2013-04-05 00:51 . 2013-04-05 00:51 150528 ----a-w- c:\windows\system32\iexpress.exe 2013-04-05 00:51 . 2013-04-05 00:51 1441280 ----a-w- c:\windows\system32\inetcpl.cpl 2013-04-05 00:51 . 2013-04-05 00:51 138752 ----a-w- c:\windows\system32\wextract.exe 2013-04-05 00:51 . 2013-04-05 00:51 137216 ----a-w- c:\windows\system32\ieUnatt.exe 2013-04-05 00:51 . 2013-04-05 00:51 12800 ----a-w- c:\windows\system32\mshta.exe 2013-04-05 00:51 . 2013-04-05 00:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-04-05 00:50 . 2013-04-05 00:50 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 906240 ----a-w- c:\windows\system32\FntCache.dll 2013-04-05 00:50 . 2013-04-05 00:50 604160 ----a-w- c:\windows\system32\d3d10level9.dll 2013-04-05 00:50 . 2013-04-05 00:50 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-04-05 00:50 . 
2013-04-05 00:50 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 417792 ----a-w- c:\windows\system32\WMPhoto.dll 2013-04-05 00:50 . 2013-04-05 00:50 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-04-05 00:50 . 2013-04-05 00:50 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 3419136 ----a-w- c:\windows\system32\d2d1.dll 2013-04-05 00:50 . 2013-04-05 00:50 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 293376 ----a-w- c:\windows\system32\dxgi.dll 2013-04-05 00:50 . 2013-04-05 00:50 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-04-05 00:50 . 2013-04-05 00:50 249856 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-04-05 00:50 . 2013-04-05 00:50 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-04-05 00:50 . 2013-04-05 00:50 220160 ----a-w- c:\windows\system32\d3d10core.dll 2013-04-05 00:50 . 2013-04-05 00:50 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-04-05 00:50 . 2013-04-05 00:50 1988096 ----a-w- c:\windows\system32\d3d10warp.dll 2013-04-05 00:50 . 2013-04-05 00:50 187392 ----a-w- c:\windows\system32\UIAnimation.dll 2013-04-05 00:50 . 2013-04-05 00:50 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2013-04-05 00:50 . 2013-04-05 00:50 1504768 ----a-w- c:\windows\system32\d3d11.dll 2013-04-05 00:50 . 2013-04-05 00:50 1247744 ----a-w- c:\windows\system32\DWrite.dll 2013-04-05 00:50 . 2013-04-05 00:50 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll 2013-04-05 00:50 . 2013-04-05 00:50 1158144 ----a-w- c:\windows\system32\XpsPrint.dll 2013-04-05 00:50 . 
2013-04-05 00:50 1080832 ----a-w- c:\windows\system32\d3d10.dll 2013-04-05 00:50 . 2013-04-05 00:50 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-04-04 14:28 . 2013-04-04 14:33 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-04-04 14:28 . 2013-04-04 14:33 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-04-04 14:28 . 2013-04-04 14:33 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-03-19 05:04 . 2013-04-10 21:25 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-10 21:25 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 04:48 . 2013-04-10 21:25 38912 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 02:49 . 2013-04-10 21:25 69632 ----a-w- c:\windows\system32\smss.exe 2013-03-13 10:37 . 2012-10-28 23:06 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-03-13 10:37 . 2010-05-27 12:07 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-02-25 22:22 . 2013-02-25 22:22 1985824 ----a-w- c:\windows\system32\nvcuvenc.dll 2013-02-25 22:22 . 2012-10-10 20:14 1017120 ----a-w- c:\windows\system32\nvdispco32.dll 2013-02-25 22:22 . 2013-02-25 22:22 6262608 ----a-w- c:\windows\system32\nvopencl.dll 2013-02-25 22:22 . 2013-02-25 22:22 2505144 ----a-w- c:\windows\system32\nvapi.dll 2013-02-25 22:22 . 2013-02-25 22:22 12641992 ----a-w- c:\windows\system32\nvwgf2um.dll 2013-02-25 22:22 . 2012-10-10 20:14 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-02-25 22:22 . 2013-02-25 22:22 15129960 ----a-w- c:\windows\system32\nvd3dum.dll 2013-02-25 22:22 . 2013-02-25 22:22 7932256 ----a-w- c:\windows\system32\nvcuda.dll 2013-02-25 22:22 . 2013-02-25 22:22 17560352 ----a-w- c:\windows\system32\nvcompiler.dll 2013-02-25 22:22 . 2013-02-25 22:22 20449056 ----a-w- c:\windows\system32\nvoglv32.dll 2013-02-25 22:22 . 2013-02-25 22:22 8939296 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2013-02-25 22:22 . 
2013-02-25 22:22 2720544 ----a-w- c:\windows\system32\nvcuvid.dll 2013-02-15 04:37 . 2013-04-10 21:24 3217408 ----a-w- c:\windows\system32\mstscax.dll 2013-02-15 04:34 . 2013-04-10 21:24 131584 ----a-w- c:\windows\system32\aaclient.dll 2013-02-15 03:25 . 2013-04-10 21:24 36864 ----a-w- c:\windows\system32\tsgqec.dll 2012-09-10 18:43 . 2012-09-10 18:43 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928] "AutoEJCD_0ACE20FF"="c:\program files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE" [2010-02-02 40960] "RtHDVCpl"="RtHDVCpl.exe" [2008-05-20 6144000] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-08-21 98304] "D-Link D-Link Wireless G DWL-G122_DWA-110"="c:\program files\D-Link\DWL-G122_DWA-110\AirGCFG.exe" [2009-09-18 1708032] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-01-10 1230704] "DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-04-13 1298320] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 1808784] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] 
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-05-13 345312] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Polar WebSync.lnk - c:\program files\Polar\WebSync\WebSync.exe [2012-8-17 6212096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "SoftwareSASGeneration"= 3 (0x3) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2013-02-20 10:35 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-11-29 11:22 58928 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-10-25 02:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . 
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrusb.sys [x] R3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28u.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tvnserver;TightVNC Server;c:\users\Carina\AppData\Local\CrossLoop\tvnserver.exe [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwf.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x] S2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x] S2 CrossLoopService;CrossLoop Service;c:\users\Carina\AppData\Local\CrossLoop\CrossLoopService.exe [x] S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] S2 MTBService_1.8.0.7;MTB2004 Server (1.8.0.7);c:\program files\Carl Zeiss\MTB 2004 - 1.8.0.7\MTB Server Console\MTBService.exe [x] S2 Polar Daemon;Polar Daemon;c:\program files\Polar\Daemon\polard.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . . 
Inhalt des "geplante Tasks" Ordners . 2013-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 16:29] . 2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 14:16] . 2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-15 14:16] . 2013-04-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000Core.job - c:\users\Carina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 12:50] . 2013-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893848681-61177469-2285255527-1000UA.job - c:\users\Carina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-06 12:50] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com uInternet Settings,ProxyOverride = *.local IE: Free YouTube to MP3 Converter - c:\users\Carina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.186.211.21 195.34.133.21 FF - ProfilePath - c:\users\Carina\AppData\Roaming\Mozilla\Firefox\Profiles\1eak1nx7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe HKLM-Run-WZCSLDR2 - c:\program files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe AddRemove-START2 - c:\windows\system32\javaws.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\hasplms.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\windows\system32\conhost.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\RtHDVCpl.exe c:\program files\NVIDIA Corporation\Display\nvtray.exe c:\program files\Microsoft IntelliType Pro\dpupdchk.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\iPod\bin\iPodService.exe c:\windows\System32\WUDFHost.exe c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\windows\system32\sppsvc.exe c:\windows\system32\taskhost.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-05-15 20:01:45 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-05-15 18:01 . Vor Suchlauf: 8 Verzeichnis(se), 431.788.621.824 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 433.259.618.304 Bytes frei . - - End Of File - - CBA4C5FF112E39BD788B880C9D51D07F |
15.05.2013, 19:11 | #8 |
/// TB-Ausbilder | searchnu.com/406?... in IE, Firefox and Chrome Good! As far as I can see, we have now removed everything malicious. To be sure, we now have to run a few more checks and will then bring your computer up to a secure state. Since these scans can take a very long time, please only write to me again once you have really completed everything or if problems arise.
Step 1: Quick scan with Malwarebytes. Please download Malwarebytes Anti-Malware
Step 2: Note: The scan can take a very long time (several hours)!
Step 3: Scan with SecurityCheck. Please download SecurityCheck and:
__________________ Digital buccaneers against malware! No help via PM! |
15.05.2013, 20:48 | #9 |
| searchnu.com/406?... in IE, Firefox and Chrome Here I am again... First of all, thank you very much for your great help! Priceless! THANK YOU Step 1: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.15.09 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16576 Carina :: CARINA-PC [Administrator] 15.05.2013 20:22:09 mbam-log-2013-05-15 (20-22-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 241728 Laufzeit: 5 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) ESET (unfortunately 1 detection) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=b6d48c66971f8e4cadd52216876c97de # engine=13839 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-05-15 07:39:59 # local_time=2013-05-15 09:39:59 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 97 19673 139318104 12461 0 # compatibility_mode=5893 16776574 100 94 11769 120277990 0 0 # scanned=177631 # found=1 # cleaned=0 # scan_time=4018 sh=ED84E123F74549088C283825E1144AF3B15FEA7A ft=1 fh=56c64ae2896d3a55 vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Carina\Downloads\hader.exe" Code:
ATTFilter Results of screen317's Security Check version 0.99.63 Windows 7 Service Pack 1 x86 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 11.7.700.202 Adobe Reader 8 Adobe Reader out of Date! Adobe Reader 10.1.6 Adobe Reader out of Date! Mozilla Firefox 15.0.1 Firefox out of Date! Google Chrome 26.0.1410.43 Google Chrome 26.0.1410.64 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
15.05.2013, 21:25 | #10 |
/// TB-Ausbilder | searchnu.com/406?... in IE, Firefox and Chrome Please delete the ESET detection in the Downloads folder. Great! That means we are done. We will now tidy up a little, and then at the end I have some reading material for you. Step 1: Uninstall tools. The order is crucial here.
Step 2: Uninstall ESET (optional)
Step 3: Update: Adobe Reader
Try an alternative viewer for PDF documents. These are usually leaner and faster, and they let malware in far less often. My suggestion:
Step 4: Update: Firefox, add-ons and plugins
Finally, some tips on the following topics:
Reading material: System updates. It cannot be mentioned often enough how important it is to keep your system up to date. After all, you also take your car to the garage regularly for inspection. So please make sure that system updates are enabled:
Reading material: Software updates. Just as important as the system programs is the software you use every day. The following list gives you a short overview, with links to the updates, of which programs urgently need to be kept up to date (if you have them installed and use them at all), because malware can often get onto computers through their security vulnerabilities:
Reading material: Security software. If someone overtook you on the motorway naked on a motorcycle, you would shake your head too. Your computer also needs protection against the small daily attacks by malware. Besides excellent commercial antivirus solutions, there are also quite good protection programs that are available free of charge with a reduced feature set. But careful: "the more, the better" does not apply here. What you need is exactly one virus scanner with a background guard. No more and no less. There are many products on the market that will serve you well. I personally recommend Avast Free Antivirus. It offers relatively good protection with little annoying advertising, and it installs a browser plugin that warns you about dangerous websites.
Reading material: Safe surfing. First it must be said that it is usually the human factor that allows malware to get onto a computer. Do you also immediately buy stuff, without thinking, from people who ring your doorbell? So first get into the habit of following a few rules of conduct when surfing the Internet:
But even with meticulous adherence to these rules, a so-called drive-by infection can still occur, in which malware breaks out of the web browser's protection mechanism. To increase security even further, there is special protection software that hardens your browser even more.
Finally, please think about using an alternative browser. Programs that are not used so often are also not so much in the focus of the "bad guys". That is, with an exotic browser you are more likely to be on the safe side. In principle, you are already considerably safer if you do not use Internet Explorer.
With that, I wish you lots of fun surfing the Internet ... and perhaps you would like to support the Trojaner-Board? One request: give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Digital buccaneers against malware! No help via PM! |
16.05.2013, 16:07 | #11 |
| searchnu.com/406?... in IE, Firefox and Chrome Hello, I carried out the last steps today without any problems. THANKS, YOU ARE LEGEN.............DARY I will follow your advice and hope that I don't catch anything else. Bye and all the best Richard PS: Donation for the coffee fund: check |
16.05.2013, 17:26 | #12 |
/// TB-Ausbilder | searchnu.com/406?... in IE, Firefox and Chrome Glad we could help. This topic appears to be resolved and will be removed from my subscriptions. Should you need this topic again, please send me a PM. Everyone else, please click here and create your own thread. If you would still like to share praise or criticism, there is this section here: http://www.trojaner-board.de/lob-kritik-wuensche/
__________________ Digital buccaneers against malware! No help via PM! |