| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Problem mit wssetup Perion NetworkWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.06.2013, 23:19
| #1 |
 |  Problem mit wssetup Perion Network Hallo und guten Morgen, seit ca. 3 Wochen bekomme ich beim Start die Meldung das wssetup.exe installiert werden will. Habe das bisher immer abgelehnt aber es nervt langsam. Wie kann ich das beheben? Ich habe im Voraus schon OTL laufen lassen und hier sind die logs: OTL.txt: Code:
ATTFilter OTL logfile created on: 13.06.2013 23:54:40 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free 5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: THESEUS | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.) PRC - C:\Programme\Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.) PRC - C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) PRC - C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\Platform\Core\mchost.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) PRC - C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) PRC - C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Windows\System32\CNAC4RPK.EXE (CANON INC.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll () MOD - C:\Programme\Notepad++\NppShell_04.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (RealNetworks Downloader Resolver Service) -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (UMVPFSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (MOBKbackup) -- C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.) DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (SSHDRV76) -- C:\Windows\System32\drivers\SSHDRV76.sys () DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek) DRV - (SaiK0836) -- C:\Windows\System32\drivers\SaiK0836.sys (Saitek) DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 A3 5C FE C0 F0 CD 01 [binary data] IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes,DefaultScope = {080BC3F9-B303-4217-B7B2-8CC17CBA9240} IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{080BC3F9-B303-4217-B7B2-8CC17CBA9240}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{AFC2003D-6F44-4DA5-AEF4-38FAEA91689D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=98A16DE5-141B-48BC-89B8-A39D7A795CB9&apn_sauid=A0AA8B91-DF02-4285-B272-8E5D67203863 IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Sichere Suche" FF - prefs.js..browser.search.order.1: "Sichere Suche" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "www.t-online.de" FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.06.07 23:24:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.29 00:55:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012.12.29 00:55:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.04 22:28:10 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.11.15 00:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.05.09 15:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dfmor2bm.default\extensions [2013.05.09 15:55:22 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.02.23 19:46:57 | 000,002,403 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\askcom.xml [2012.10.29 22:26:10 | 000,003,915 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\sweetim.xml [2013.06.07 23:24:44 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.17.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A527C9-A78F-4CF0-9884-A3362E5E6AB1}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1813C5F-D8CB-4CC3-9C8D-C30889154739}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.12.14 21:25:31 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.12.14 21:25:32 | 000,345,896 | R--- | M] (Valve Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.13 23:23:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.13 23:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013.06.12 23:03:09 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.06.12 23:03:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.06.12 22:56:17 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.06.12 22:56:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.06.12 22:56:16 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.06.12 22:56:15 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.06.12 22:56:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.06.12 22:56:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.06.12 22:56:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.06.12 22:56:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.06.12 22:55:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll [2013.06.12 22:54:39 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2013.06.12 22:54:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll [2013.06.12 22:54:18 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.06.12 22:54:18 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.06.12 22:54:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.06.08 00:53:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Unity [2013.06.07 23:44:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Unity [2013.05.18 23:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Firefox [2013.05.15 20:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.13 23:45:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.13 23:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.13 23:14:03 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 22:58:28 | 000,697,082 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.13 22:58:28 | 000,652,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.13 22:58:28 | 000,148,346 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.13 22:58:28 | 000,121,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.13 22:51:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.13 22:51:36 | 2389,991,424 | -HS- | M] () -- C:\hiberfil.sys [2013.06.12 00:45:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.06.12 00:45:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.06.08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.06.02 23:19:34 | 003,971,347 | ---- | M] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf [2013.05.17 03:26:04 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.05.17 03:25:33 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.17 03:25:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.17 03:25:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.05.15 20:23:22 | 000,327,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.12 00:02:21 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2013.06.02 23:19:33 | 003,971,347 | ---- | C] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf [2013.01.10 21:50:45 | 000,010,495 | ---- | C] () -- C:\Users\***\MPLATHE_elster_2048.pfx [2012.07.01 10:59:00 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2012.06.14 22:08:26 | 000,053,760 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV76.sys [2012.06.14 21:22:05 | 000,007,168 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2012.04.15 12:02:45 | 001,257,984 | ---- | C] () -- C:\Windows\System32\SaiC0836.Dll [2012.04.15 12:02:45 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_0C.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_10.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_0A.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_07.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_19.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_09.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_05.dll [2012.04.15 12:02:45 | 000,006,656 | ---- | C] () -- C:\Windows\System32\SaiC0836_0402.dll [2012.04.15 12:02:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\SaiC0836_11.dll [2012.04.15 12:02:45 | 000,004,608 | ---- | C] () -- C:\Windows\System32\SaiC0836_12.dll [2012.02.22 22:37:48 | 000,000,067 | ---- | C] () -- C:\Users\***\.gtk-bookmarks [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2012.01.18 07:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2012.01.07 14:08:58 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011.11.14 23:50:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.10.25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll [2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.23 15:40:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Firaxis [2012.06.12 21:50:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2012.06.09 22:39:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kalypso Media [2012.04.28 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2011.11.15 21:40:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2012.07.19 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2012.04.03 21:14:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay [2013.06.08 00:53:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unity [2012.04.19 22:07:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 13.06.2013 23:54:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: THESEUS | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047578E3-FD90-40E3-8322-15F375A12E1E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0D8EC35A-48ED-450E-A593-B1160D1D65BE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0E66D132-C2DD-4AE4-BFDB-892330B2C60C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1ABCB9FB-0BAE-43B5-9B84-7604C77E3442}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{241404C0-427D-43FE-834E-17F6998AF511}" = rport=137 | protocol=17 | dir=out | app=system |
"{247F9E94-7091-4FAE-B25D-B0F082DA40A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{2A748E04-3B6C-410A-9828-BBF3258E07BE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2E3A8DD2-4825-40A1-8E1E-9E80FDF86792}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{32E77889-E3A8-46A5-8E6E-B21874C1BD44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37BA7636-BFA8-477E-9D9D-DBE59E9F75AE}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B73B7D0-F0E7-4727-A2BD-E8651B384F46}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48F09685-B280-46C9-A51E-E50C4E4D53F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{57DF3CD7-B869-4756-8E6B-8AB56E21CF7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71F01EFA-416E-4144-A7E0-8D59B878D084}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7386F8FE-B480-4FE8-A46E-4240CD9907F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{77230255-315D-4502-816C-5A7D241BD38E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8873BE98-2231-4294-A354-1A2B706E7086}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88CA3A4F-E1EE-4876-ACC0-FBE687D27498}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C55A10B-2A12-4B9E-B860-F2762FE3F361}" = lport=445 | protocol=6 | dir=in | app=system |
"{9128D010-3F4D-46B2-A835-86119302022A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FA0D5DC-A41C-424D-8EE2-3B03A9040BEC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A6488BA6-AF9C-4479-B3DF-A1C084E2C159}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC43A7DC-896A-442B-9817-3E4C8A547B4D}" = lport=138 | protocol=17 | dir=in | app=system |
"{D96476F2-A915-44AD-A641-E0669C1CA56D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF8CAECA-A2FA-4EB5-A742-88C3B5D364E6}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10ED9F71-5824-4A3D-9D93-FE8D17D3D54F}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe |
"{10F5A63B-24BF-43CD-A555-4E2437BEF3DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1615CD30-47CE-4098-9A24-B8985A460BC4}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe |
"{18B0BDA8-57DA-4D44-B440-2FDA25E94CC0}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{20E0DC4B-ECAC-47E5-B42F-2C63063C558E}" = protocol=6 | dir=in | app=d:\spiele\colonization\colonization.exe |
"{2C6A1D79-8C34-463E-B791-349519983281}" = protocol=6 | dir=out | app=system |
"{2E489351-5E54-49C8-B25D-D372FD672EBC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E8ED053-9AFC-434D-BD5F-6771A02DF5B7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{386DA190-3E68-4CE7-B2B7-7FC9FBDD30F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B64AEDD-8382-4A2F-87F0-B3411086D440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C0F4880-8C33-4102-8BD8-A9A555DAA987}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{430BE9EB-64D1-4B19-B324-FE384415B1DB}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{486824E7-92FC-4DCD-92AC-D2C139B634E7}" = protocol=17 | dir=in | app=d:\spiele\colonization\colonization.exe |
"{4A34CFBC-25F8-46CB-A3B4-3402F5158802}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4AF5C763-DE40-4704-B46D-3FE56D912077}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{4B1B1ECC-BCB7-47DF-BEEB-D767016B9435}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E185E9C-14D0-46E6-85C3-FE6DDC774F2F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{63C3100B-5913-4B12-91FE-0845F7179E59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7238AA30-94D3-4B4E-9AF2-DE5AE57C4448}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7CDA8EF6-696F-4E19-847C-CDE21DC74109}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8BDD77B6-7754-49F0-AB55-C83CA79A080D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A766FA33-7555-44CB-8A07-901875EB8F3A}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{A8CAF932-A086-41AC-A789-35E73AC4DE2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AD6CFAE0-8574-494A-94F1-5AA796574B91}" = protocol=17 | dir=in | app=d:\steamscheiss\steam.exe |
"{B427DF04-719E-4C2A-83FE-8B4DD5503198}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B50662A5-8EA6-4D13-8619-9BFC291296FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C03CFB98-5191-43C4-A942-2B17F4CA13A7}" = protocol=6 | dir=in | app=c:\windows\system32\cnac4rpk.exe |
"{C2C302AF-D8D9-4BB9-9CD8-F905D024C726}" = protocol=17 | dir=in | app=c:\windows\system32\cnac4rpk.exe |
"{C54BB269-E0E9-4AAD-912E-0F0CA98D2F73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C6F96043-CE87-4C1F-8A3A-90A6A9E6B0F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF5F56C9-FA1B-489B-89C1-39B22972C7EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4A2C669-CED3-412C-BAD2-E0A36C053C78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6C351AE-5BC8-450C-889D-7EE73D0A71D3}" = protocol=6 | dir=in | app=d:\steamscheiss\steam.exe |
"{DB7BCDB8-3212-45B7-937F-16A483370BD0}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E5080E0E-70F7-4320-A350-6F9632CEC4AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EAF633DE-B6D5-4ADF-A391-F0CB44481290}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{EF3F0F9B-FDD3-4824-B083-D50074264200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD502A27-B463-474B-BBF0-BE392B1E2D75}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"TCP Query User{A835BE44-3DDB-437D-B3B9-12D3FB46E240}D:\spiele\panzer corps\update.exe" = protocol=6 | dir=in | app=d:\spiele\panzer corps\update.exe |
"UDP Query User{9DF2871F-B6AC-4FF2-8B96-BC3FB83FADBD}D:\spiele\panzer corps\update.exe" = protocol=17 | dir=in | app=d:\spiele\panzer corps\update.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011BF729-0369-EF59-4294-11D022AE3538}" = AMD Catalyst Install Manager
"{021B87E2-8DBA-4CFD-8762-9D9F5AE65CF7}" = CCC Help Turkish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E24CF0-7DC9-4398-4BAF-E12CCA48A1D2}" = CCC Help Thai
"{077BE218-2ABA-364C-14FE-96DD8CB7289A}" = CCC Help Italian
"{07FE063B-89F4-2397-006E-FB9F12E19894}" = CCC Help Greek
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1EBDD301-BEDE-78A5-D2A7-51DA367B70A8}" = CCC Help German
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25D080C2-19A4-427D-A12A-979D674B57F8}}_is1" = Hearts of Iron III Collection Version 3.05
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B95476F-D50B-4105-B3E0-056BB4830F17}_is1" = DMP_Panzercorps_Mod_3.0_Speech_Sound_Mod_by_Puma
"{35FE995E-5A31-D005-0303-8D9FBBD4B67B}" = Catalyst Control Center Graphics Previews Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42714156-8501-4B44-9CD9-1E101915EACD}" = Smart Technology Programming Software 7.0.1.12
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FC206D1-6287-440D-8F84-ED26E32FDD56}_is1" = Panzer Corps DMP Afrika Korps Add-on
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{650F6AF5-D09E-457B-AE96-A0E19DB61AF4}_is1" = DMP_Panzercorps_Mod_2.0
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{7C54986D-B318-0985-DD1D-C0446895390C}" = ccc-utility
"{7E5FFC5E-5A7F-864A-2E0D-0B234ED7B14F}" = Catalyst Control Center InstallProxy
"{806139DE-75ED-B576-51AB-697B45EDEF24}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C02917D-EEB1-31B8-C955-DEA61D698D18}" = CCC Help Dutch
"{8CFD25B4-490E-F871-0AF0-45F720E9AB89}" = CCC Help Russian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{911B75B5-136D-4EC1-96A2-DEE6A5A1FA60}" = CCC Help Swedish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{987AE03F-234A-3623-BD28-6B31FD1D3AB3}" = Microsoft Visual Studio 2010 Shell (Isolated) - DEU
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B231624B-699F-6459-F9A4-4A31CB40E35C}" = CCC Help Czech
"{B538BBC3-68C9-98F6-487F-D7592879213E}" = CCC Help Danish
"{B73F4ACE-A7F2-8FC6-D0DA-2E4E42E1DDE2}" = CCC Help Spanish
"{B7C2FEB0-8236-CABE-8CB1-C1A689CF8117}" = CCC Help Polish
"{B7F4467D-DCA0-0DC0-873F-50AA58865E74}" = CCC Help Portuguese
"{BFE49A01-A5FC-64EF-FB43-B1A79E612625}" = CCC Help Chinese Traditional
"{C025595B-A217-7317-65D8-CE7D304FCD30}" = Catalyst Control Center
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C83CD843-260E-3BD0-86BC-4E613BFDDE0A}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C962D875-A53E-835A-7DD8-229FCB96D115}" = CCC Help Korean
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF4FD64F-D60A-4FE0-9BC0-94DF17E82A3B}_is1" = Panzer_Corps_DMP_Afrika_Korps_Hotfix_1-1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D0DDA799-7C8D-4A5A-9F2B-E08B026D2EC8}_is1" = DMP Panzercorps Mod 1.0
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5AFB7E8-D81F-F57F-4D43-EC95E49425FE}" = Catalyst Control Center Localization All
"{D6E74CE8-23BF-F60F-60E2-11D92654C35C}" = CCC Help Japanese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EA2D24B9-F8F9-B430-60AA-2931165390E4}" = CCC Help French
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED54F892-C128-7AF9-5428-A57B014B0314}" = CCC Help Norwegian
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F14F6129-0E6C-1224-2CDF-C869C8F261A7}" = CCC Help Chinese Standard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76C09F9-C367-6FB9-4965-A26211D094FC}" = CCC Help English
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAB9CB0B-9A7C-1960-F4AB-DF4AE61CAE01}" = CCC Help Finnish
"5513-1208-7298-9440" = JDownloader 0.9
"5513-1208-7298-9440-1" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Canon LBP5000" = Canon LBP5000
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"McAfee Security Scan" = McAfee Security Scan Plus
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.4.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Notepad++" = Notepad++
"Panzer Corps1.00" = Panzer Corps
"RealPlayer 16.0" = RealPlayer
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 8930" = Sid Meier's Civilization V
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Wildlife Park 3_is1" = Wildlife Park 3 v1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.06.2013 17:55:27 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2013 17:56:00 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 11.06.2013 17:10:19 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2013 17:10:51 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 11.06.2013 18:47:10 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft
Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 11.06.2013 18:50:47 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe".
Die
abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12.06.2013 16:06:21 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 12.06.2013 16:06:54 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 13.06.2013 16:53:32 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 13.06.2013 16:54:31 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 07.06.2013 17:24:50 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 08.06.2013 16:26:45 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 09.06.2013 15:12:59 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 10.06.2013 14:44:43 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 10.06.2013 17:53:40 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.06.2013 17:08:30 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.06.2013 19:00:51 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description =
Error - 12.06.2013 16:04:33 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 13.06.2013 16:51:41 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 13.06.2013 17:12:01 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description =
< End of report >
 Beste Grüße, Martin |
| Themen zu Problem mit wssetup Perion Network |
| autorun, bho, branding, canon, error, fehler, firefox, flash player, format, google, helper, home, install.exe, logfile, mozilla, msiexec.exe, object, plug-in, problem, registry, rundll, scan, security, senden, siteadvisor, software, svchost.exe, taskhost.exe, teamspeak, visual studio, windows |
Baum-Darstellung