|
Log-Analyse und Auswertung: Avast meldet permanent "Bösartige Website blockiert"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
30.06.2013, 11:06 | #1 |
| Avast meldet permanent "Bösartige Website blockiert" Hallo zusammen, ich glaube jetzt hat es mich auch erwischt. Seit heute morgen meldet Avast bei fast allen Websites "Bösartige Website blockiert". Avast selbst hat nichts gefunden, genauso wenig wie Anti-Malware. Ich habe mich an die Anleitung für Hilfesuchende gehalten und hoffe ich habe alles richtig gemacht. OTL Code:
ATTFilter OTL logfile created on: 30.06.2013 10:26:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KL\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,84 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 58,49% Memory free 7,68 Gb Paging File | 5,82 Gb Available in Paging File | 75,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,16 Gb Total Space | 62,55 Gb Free Space | 13,90% Space Free | Partition Type: NTFS Computer Name: KLSNOTEBOOK | User Name: KL | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.30 10:25:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KL\Downloads\OTL.exe PRC - [2013.06.26 14:15:35 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\KL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.04.07 05:29:22 | 000,022,120 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe PRC - [2012.04.07 05:29:20 | 000,040,552 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe PRC - [2012.03.23 11:33:46 | 000,419,408 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2012.03.23 11:33:44 | 000,355,920 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2012.03.23 11:33:44 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2012.03.23 11:33:42 | 001,105,488 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2012.03.21 04:06:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.02.26 21:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.02.19 19:41:40 | 000,072,864 | ---- | M] (Atheros) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe PRC - [2012.01.05 23:22:10 | 000,256,536 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2012.01.05 23:21:44 | 000,296,984 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2011.12.16 06:38:48 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.12.16 06:38:46 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.12.16 06:38:24 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2011.11.30 05:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe ========== Modules (No Company Name) ========== MOD - [2013.05.15 05:48:41 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013.01.10 09:30:35 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.10 09:30:17 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.10 09:30:12 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012.04.07 05:29:22 | 000,022,120 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe MOD - [2012.04.07 05:29:20 | 000,040,552 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe MOD - [2012.01.05 23:22:36 | 000,465,344 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ========== Services (SafeList) ========== SRV - [2013.06.12 12:23:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.05.07 22:54:53 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.03.23 11:33:44 | 000,355,920 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2012.03.21 04:06:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.03.08 17:49:30 | 000,107,648 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2012.02.19 19:41:40 | 000,072,864 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent) SRV - [2012.02.19 14:18:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.02.10 02:41:36 | 000,111,776 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe -- (DCDhcpService) SRV - [2012.02.07 17:53:48 | 000,871,296 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2012.01.20 16:15:14 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2012.01.05 23:22:10 | 000,256,536 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011.12.16 06:38:48 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.12.16 06:38:46 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2011.12.16 06:38:24 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2011.12.08 16:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.11.30 05:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.08.31 15:11:40 | 002,425,960 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2011.08.05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV - [2011.08.05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm) SRV - [2011.08.05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV - [2011.03.29 06:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.06.28 09:19:47 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013.06.28 09:19:47 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013.06.28 09:19:47 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2012.03.21 04:06:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2012.03.08 18:00:36 | 000,551,552 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2012.03.08 17:59:42 | 000,281,472 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2012.03.08 17:59:24 | 000,068,736 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2012.03.08 17:58:54 | 000,168,064 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2012.03.08 17:58:36 | 000,036,480 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2012.03.08 17:58:18 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.03.08 17:58:00 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2012.03.08 17:57:42 | 000,340,096 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.26 21:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.02.26 21:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.02.26 21:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.02.15 01:41:34 | 003,538,432 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2012.02.14 04:47:36 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.02.07 08:03:06 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2012.02.07 08:03:06 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2012.01.20 16:14:34 | 000,016,128 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2011.12.05 21:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.11.09 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.10.14 07:49:22 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.09.21 12:08:10 | 000,376,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2011.09.02 05:46:28 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2011.07.14 07:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.07.14 07:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Google Docs = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: avast! Online Security = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\ CHR - Extension: Google Mail = C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [InstantUpdate] C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe () O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\KL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C999B788-47CB-483A-8B39-AF1A6B389E9D}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.30 08:46:00 | 000,000,000 | ---D | C] -- C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board_files [2013.06.30 07:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.30 07:40:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.06.30 07:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.06.30 06:56:37 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{4440E346-1E80-4894-8B31-7368D71E4341} [2013.06.29 09:39:33 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{A8CE771A-347C-413B-ADDB-09BE33C9314E} [2013.06.28 09:26:12 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{CFA7FDB2-1A79-4822-AD29-76C737385ECC} [2013.06.27 20:34:46 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{9A77776E-F275-436C-9C1D-D9AC165DD28D} [2013.06.27 06:11:08 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{C0DA04C7-1123-4660-B027-ECFB2820C83C} [2013.06.26 14:15:38 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\Spotify [2013.06.26 14:15:22 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Roaming\Spotify [2013.06.26 09:46:48 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{750B1BE6-A929-4C84-BB6E-09F50DF9D895} [2013.06.25 20:35:58 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{385B1D85-05C6-4ABF-90B6-5465CC7F7116} [2013.06.25 07:21:37 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{B0149D2C-757C-4819-B918-7E99B1DC537E} [2013.06.24 08:35:44 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{8C712414-2F34-48E1-AE43-AA4264F8FB7E} [2013.06.23 10:58:39 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{135240E4-6219-4DD7-8FE3-B13829262EB7} [2013.06.22 10:49:25 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{0F4072A4-6D50-4F9B-9302-28523C6769D8} [2013.06.21 08:58:55 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{CE55D110-9D3D-4BAE-915D-94FAE4E0525E} [2013.06.20 06:25:12 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{0337032C-CE74-4BF9-A051-BCDDF53E71F7} [2013.06.19 10:47:58 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{08095C17-CC0A-4CC5-BEE2-61C32719E3AC} [2013.06.18 21:03:23 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{54BF51E9-481A-4449-8246-82075FD20556} [2013.06.18 08:41:11 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{968236A0-CCFE-4F96-84AB-C74704E68B7F} [2013.06.17 20:40:45 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{90A0CB26-3F0E-4A33-ACA9-02566382D85D} [2013.06.17 08:00:18 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{0B935A78-010A-4916-A054-B16200327490} [2013.06.16 10:35:11 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{2CD769BF-A91C-4496-A4E5-429D91D0E498} [2013.06.15 08:35:34 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{8877A9B6-D0E9-4F83-B472-A4078D29DEF2} [2013.06.14 20:01:46 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{9CA246B0-C74E-4FFB-9C82-84461A2FC94D} [2013.06.14 06:31:05 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{F08E8DDB-1493-413C-ADCF-752611B1D6B3} [2013.06.13 09:15:41 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{F0C91894-823B-4AFF-9065-A29277231782} [2013.06.12 21:05:11 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{BFEC4930-8E01-48AC-A33B-24D15C898BCA} [2013.06.12 06:58:57 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{656AE287-3423-4C0A-8F89-7FCA1CD1E918} [2013.06.11 17:17:15 | 000,000,000 | ---D | C] -- C:\Users\KL\Desktop\Kroatien [2013.06.11 09:15:21 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{B053369F-64AD-4A75-8E29-8A29BE0FCB1E} [2013.06.10 07:01:52 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{8601DF17-86F2-4659-A264-2C089DE57846} [2013.06.09 09:23:22 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{96DE9CBD-4582-4AAD-9B26-48089F21CCC5} [2013.06.08 07:58:29 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{13937E5C-7E8B-4315-AC62-B3E52AB4AD15} [2013.06.07 19:44:02 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{03F7089E-0854-4522-AEAD-0D19DE3CD276} [2013.06.07 07:43:37 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{B6750ED3-85BE-4360-8335-CC5C74AC15DE} [2013.06.06 13:22:42 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{45E4F691-D602-42BA-AAD0-30DF14600C27} [2013.06.05 20:32:34 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{3DF929E1-8F62-4A91-ACA9-708DA5DF6893} [2013.06.05 07:53:40 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{7C47D539-3981-407C-8C81-722DF957ABB0} [2013.06.04 07:49:38 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{0E1E4655-C9C1-40D2-8A86-A031C44C4510} [2013.06.03 08:45:27 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{6E736E60-40F7-4263-9C9D-5CBD1D0E783D} [2013.06.02 08:43:42 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{8DEED866-F926-4ED6-828B-055345150854} [2013.06.01 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{193A4809-ECFC-4A12-8D01-08EE4FE3D60B} [2013.05.31 22:25:16 | 000,000,000 | ---D | C] -- C:\Users\KL\AppData\Local\{74E9D6A2-9C05-4F48-8552-42F07D7AE419} [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.30 10:24:30 | 000,000,000 | ---- | M] () -- C:\Users\KL\defogger_reenable [2013.06.30 10:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.30 10:09:21 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.30 08:46:00 | 000,060,170 | ---- | M] () -- C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm [2013.06.30 07:40:33 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.30 06:34:39 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.30 06:34:39 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.30 06:27:17 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.30 06:26:54 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2013.06.30 06:26:47 | 3094,102,016 | -HS- | M] () -- C:\hiberfil.sys [2013.06.28 09:19:47 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.06.28 09:19:47 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.06.28 09:19:47 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.06.28 09:19:47 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum [2013.06.28 09:19:47 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum [2013.06.28 09:19:47 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum [2013.06.26 14:15:38 | 000,001,797 | ---- | M] () -- C:\Users\KL\Desktop\Spotify.lnk [2013.06.21 08:12:17 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.06.17 20:41:53 | 000,394,564 | ---- | M] () -- C:\Users\KL\Desktop\WP_001962.jpg [2013.06.16 10:31:15 | 000,222,159 | ---- | M] () -- C:\Users\KL\Desktop\320082_631178346896402_1646991896_n.jpg [2013.06.14 07:08:29 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.14 07:08:29 | 000,654,622 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.14 07:08:29 | 000,616,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.14 07:08:29 | 000,130,204 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.14 07:08:29 | 000,106,586 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.30 10:24:30 | 000,000,000 | ---- | C] () -- C:\Users\KL\defogger_reenable [2013.06.30 08:45:55 | 000,060,170 | ---- | C] () -- C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm [2013.06.30 07:40:33 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.28 09:19:47 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum [2013.06.26 20:09:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum [2013.06.26 20:09:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum [2013.06.26 14:15:38 | 000,001,797 | ---- | C] () -- C:\Users\KL\Desktop\Spotify.lnk [2013.06.26 14:15:38 | 000,001,783 | ---- | C] () -- C:\Users\KL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.06.17 20:41:52 | 000,394,564 | ---- | C] () -- C:\Users\KL\Desktop\WP_001962.jpg [2013.06.16 10:31:13 | 000,222,159 | ---- | C] () -- C:\Users\KL\Desktop\320082_631178346896402_1646991896_n.jpg [2012.11.06 12:38:56 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.09.02 10:17:52 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012.04.20 12:40:15 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012.04.20 12:40:03 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012.04.20 12:40:01 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2012.04.20 12:40:01 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011.12.08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.07.17 22:11:47 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\clear.fiMVPSDK20 [2012.07.17 12:24:20 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\Screensaver [2013.05.23 20:15:27 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\SoftGrid Client [2013.06.26 20:15:43 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\Spotify [2012.11.06 12:39:46 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\TP [2012.08.10 17:38:44 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\Trillian [2012.07.17 22:09:10 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\WildTangent [2013.03.27 18:36:02 | 000,000,000 | ---D | M] -- C:\Users\KL\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 30.06.2013 10:26:49 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\KL\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,84 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 58,49% Memory free 7,68 Gb Paging File | 5,82 Gb Available in Paging File | 75,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,16 Gb Total Space | 62,55 Gb Free Space | 13,90% Space Free | Partition Type: NTFS Computer Name: KLSNOTEBOOK | User Name: KL | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{002CC0BF-3904-4C23-9564-5D25A95E1172}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0973BF21-C2AC-4F69-A0EB-D767DD67088F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1A8B2B02-C01B-424E-90D5-55EA7819C472}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2C257BEB-1F29-4880-A83A-D6D122979BE6}" = rport=138 | protocol=17 | dir=out | app=system | "{34D2FEC4-0160-492D-B1B7-853990B21397}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{4E297349-EF14-4FDD-A4A0-AFB7716DDCF2}" = lport=445 | protocol=6 | dir=in | app=system | "{55EB8E8C-CB4A-4A60-9DE1-027F81ABB6B5}" = lport=2869 | protocol=6 | dir=in | app=system | "{60944049-5F7B-4B9D-9C20-55C147EF619B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6F4B1A05-01FA-4CF2-9D27-81F7EA979B46}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{799B6C3D-AA70-4963-AAD3-02BA17DA0B1F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7B9641DB-68BA-47FD-BE62-FDF3DFAA14DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7CA0DDD2-A066-45C7-A29E-9AFCB542A83D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7DE8BD66-3356-47DE-91CC-1B60859F285E}" = rport=10243 | protocol=6 | dir=out | app=system | "{8293B9F1-0974-4048-8718-3A85869AA795}" = rport=139 | protocol=6 | dir=out | app=system | "{833E408A-151C-4410-8783-F5F22BAD9E41}" = lport=139 | protocol=6 | dir=in | app=system | "{8462577A-5DAA-4433-A03D-CEEA554ACA09}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\acer\wdagent\dcdhcpservice.exe | "{874B84D8-229D-404D-ADCA-343853C2716C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9FBB1F42-3426-4B46-BFDA-4F4F5F3C36FC}" = lport=137 | protocol=17 | dir=in | app=system | "{B8E85BB1-7758-4A8C-86E4-225D0DFF23DB}" = lport=10243 | protocol=6 | dir=in | app=system | "{BC1B280D-B106-4BCD-91AA-704868E40C7E}" = rport=445 | protocol=6 | dir=out | app=system | "{C72B35ED-D451-4433-BEB0-8D84C80E6BBC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D372645F-802E-40EF-A1DF-DE6DD8E9B263}" = rport=137 | protocol=17 | dir=out | app=system | "{EB9F6715-3CC9-4845-AC81-405C8F4341F7}" = lport=138 | protocol=17 | dir=in | app=system | "{FC7B2128-5E5D-49EF-B24A-DEA555FB1E9D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00407FC0-C7DF-4237-8319-26C59F4E3760}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{006B25EF-A281-4EDC-9E60-CA912422134F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{00FA9DE2-F1F5-4BEC-B29E-E25B86452C37}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{08A662D3-5215-45A1-8108-FDFBE650C53B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{098874EB-9037-43C2-83BD-A922949BD9E3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{1849142D-A5A1-4611-A93E-E2087EDDFB3C}" = protocol=6 | dir=in | app=c:\users\kl\appdata\roaming\spotify\spotify.exe | "{290ECE2F-54AF-497F-A5FA-D9FBCFBBDBE0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{29F41322-4F77-4F77-822C-B474EEC87B83}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{2DA03D17-B8D0-43DD-AC65-FFAD408BA315}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | "{3496ECD2-7950-4790-857F-E9EFF6BBEE03}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{39C2C9E9-1E4D-4F89-8F17-8F0797A3BA7D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{41AF8261-8D41-46EF-AFA6-EC557FA4B87E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{470C7260-CC01-4528-9C79-383BB772E64C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{474442CF-81E0-40A1-9C6B-E5FFB55DD227}" = protocol=17 | dir=in | app=c:\users\kl\appdata\roaming\spotify\spotify.exe | "{482609DB-12F1-490A-B9A1-168F0FDA7557}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4A45F2FF-739F-468A-93B4-0E836EE04474}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4CB6D0E5-9D57-41BE-845B-48D38D6871FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{50B90AEA-8847-4C3B-A1C7-F9CD8335B548}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | "{5102085A-51F3-4385-8F20-4DB983B00E8F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{52E87FF9-9255-4E69-9659-0B2C2CA00688}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5B7382A8-87B4-4B4D-9990-61AA55C3FEDE}" = protocol=6 | dir=in | app=c:\users\kl\appdata\roaming\spotify\spotify.exe | "{5C984D1B-46DD-409F-833F-0F2191933DD1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6B80A51C-4867-475A-9B64-019D2B5687E7}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | "{6BA8A9DB-B3A7-45DF-B59A-F87AB849A2F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{71DC16F9-8C3A-40BA-96D2-B9DEB3CECE16}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{7CCAB467-B279-46AA-A281-8F40314437C2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7D408BA3-2887-460A-91DE-F2509066CAE9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8C9A0B55-5D63-45A4-9C1F-05147F094FD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{91D5A409-2711-49A7-8545-EC42B991EC86}" = protocol=17 | dir=in | app=c:\users\kl\appdata\roaming\spotify\spotify.exe | "{9345F05A-6C66-41E4-8541-0A5A4412445A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{9A8906EA-2C66-457E-8BBC-9E97FE040BBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BA5E331E-636B-4DB5-BD29-02BF15BB9EDC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{DD143D46-0AD3-4C02-9D23-A76ECDDF9820}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E36DD768-1AB5-44B0-979D-68E611F4ECCD}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | "{F47379F9-4316-44EF-8408-8A03B82D9F12}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{F47733D6-8F1D-4B42-B7A7-A6CFABEBCD24}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FB292C63-F33C-4791-8F40-04EB1131527D}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe | "{FB7903CD-D0F6-47CE-8601-E83BFB8082BA}" = protocol=6 | dir=out | app=system | "{FBF6C1A0-DC34-4C11-80AD-D4FFDAA418A9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources "{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64) "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS) "{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources "{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL) "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR) "{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS) "{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR) "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources "{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{682EC6E8-A300-45FD-8F09-0F3A6EA334D6}" = Acer Instant Update Service "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE) "{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources "{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL) "{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK) "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN) "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND) "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources "{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune "{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources "{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources "{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT) "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.32 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.32 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN) "{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN) "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN) "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Zune" = Zune [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials "{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh "{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{21DD6041-7251-40FA-9D06-C5EB30268E0F}" = Qualcomm Atheros Direct Connect "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail "{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh "{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources "{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh "{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials "{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger "{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live "{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources "{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX "{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger "{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger "{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources "{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack "{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources "{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common "{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR "{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker "{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4 "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger "{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common "{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources "{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger "{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger "{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials "{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger "{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger "{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker "{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common "{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger "{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger "{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger "{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker "{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "avast" = avast! Free Antivirus "Google Chrome" = Google Chrome "Identity Card" = Identity Card "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager "InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Trillian" = Trillian "VLC media player" = VLC media player 2.0.3 "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 21.02.2013 13:35:19 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 22.02.2013 02:52:44 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 22.02.2013 10:19:39 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 22.02.2013 11:23:14 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 22.02.2013 14:13:07 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 23.02.2013 02:37:05 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 23.02.2013 05:17:08 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 23.02.2013 05:54:35 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 23.02.2013 08:06:12 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = Error - 23.02.2013 13:33:50 | Computer Name = KLsNotebook | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 18.05.2013 10:09:13 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 20.05.2013 02:48:05 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 20.05.2013 04:24:21 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 21.05.2013 06:08:53 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 22.05.2013 14:57:29 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 15.06.2013 02:23:14 | Computer Name = KLsNotebook | Source = Service Control Manager | ID = 7034 Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 16.06.2013 04:48:32 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 19.06.2013 03:01:49 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 25.06.2013 04:09:09 | Computer Name = KLsNotebook | Source = DCOM | ID = 10010 Description = Error - 26.06.2013 14:50:49 | Computer Name = KLsNotebook | Source = WMPNetworkSvc | ID = 866300 Description = < End of report > Was für ein Problem habe ich und wie kann ich es lösen? Vielen Dank schon einmal im voraus, ich hoffe Ihr könnt mir helfen! Geändert von Domspatz (30.06.2013 um 11:21 Uhr) |
30.06.2013, 12:59 | #2 |
/// the machine /// TB-Ausbilder | Avast meldet permanent "Bösartige Website blockiert" Hi,
__________________Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ |
30.06.2013, 15:23 | #3 |
| Avast meldet permanent "Bösartige Website blockiert" Hi
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01 Ran by KL (administrator) on 30-06-2013 16:14:40 Running from C:\Users\KL\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe (Spotify Ltd) C:\Users\KL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [InstantUpdate] C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] () HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12448872 2012-02-14] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [1158248 2012-02-08] (Realtek Semiconductor) HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [576376 2012-02-02] (Alps Electric Co., Ltd.) HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [1021056 2012-03-08] (Atheros Communications) HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [800896 2012-03-08] (Atheros Commnucations) HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4123 2012-01-20] () HKLM\...\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated) HKLM\...\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft) HKCU\...\Run: [Spotify Web Helper] "C:\Users\KL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1104384 2013-06-26] (Spotify Ltd) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [296984 2012-01-05] (NTI Corporation) HKLM-x32\...\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft) HKLM-x32\...\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart [506712 2011-06-01] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.) HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-26] (Intel Corporation) HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software) HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [x] HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [x] AppInit_DLLs: C:\Windows\system32\nvinitx.dll [260928 2012-03-21] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [215360 2012-03-21] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Google Docs) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (avast! Online Security) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 CHR Extension: (Gmail) - C:\Users\KL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-02-10] (Atheros Communication Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) ==================== Drivers (Whitelisted) ==================== R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-30 16:14 - 2013-06-30 16:14 - 00000000 ____D C:\FRST 2013-06-30 16:13 - 2013-06-30 16:13 - 01933592 ____A (Farbar) C:\Users\KL\Downloads\FRST64.exe 2013-06-30 12:15 - 2013-06-30 12:15 - 00010618 ____A C:\Users\KL\Desktop\gmer.zip 2013-06-30 12:13 - 2013-06-30 12:13 - 00000000 ____D C:\Program Files (x86)\7-Zip 2013-06-30 12:12 - 2013-06-30 12:12 - 01110476 ____A C:\Users\KL\Downloads\7z920.exe 2013-06-30 11:33 - 2013-06-30 11:33 - 00180774 ____A C:\Users\KL\Desktop\gmer.txt 2013-06-30 10:45 - 2013-06-30 10:45 - 00377856 ____A C:\Users\KL\Downloads\gmer_2.1.19163.exe 2013-06-30 10:33 - 2013-06-30 10:33 - 00099152 ____A C:\Users\KL\Desktop\Extras.Txt 2013-06-30 10:32 - 2013-06-30 10:32 - 00091106 ____A C:\Users\KL\Desktop\OTL.Txt 2013-06-30 10:25 - 2013-06-30 10:25 - 00602112 ____A (OldTimer Tools) C:\Users\KL\Downloads\OTL.exe 2013-06-30 10:24 - 2013-06-30 10:24 - 00000466 ____A C:\Users\KL\Downloads\defogger_disable.log 2013-06-30 10:24 - 2013-06-30 10:24 - 00000000 ____A C:\Users\KL\defogger_reenable 2013-06-30 10:22 - 2013-06-30 10:22 - 00050477 ____A C:\Users\KL\Downloads\Defogger.exe 2013-06-30 08:46 - 2013-06-30 08:46 - 00000000 ____D C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board_files 2013-06-30 08:45 - 2013-06-30 08:46 - 00060170 ____A C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm 2013-06-30 07:40 - 2013-06-30 07:40 - 00001073 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-06-30 07:40 - 2013-06-30 07:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-30 07:40 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-06-30 07:39 - 2013-06-30 07:40 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\KL\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-30 06:56 - 2013-06-30 06:56 - 00000000 ____D C:\Users\KL\AppData\Local\{4440E346-1E80-4894-8B31-7368D71E4341} 2013-06-29 09:39 - 2013-06-29 09:39 - 00000000 ____D C:\Users\KL\AppData\Local\{A8CE771A-347C-413B-ADDB-09BE33C9314E} 2013-06-28 17:22 - 2013-06-28 17:22 - 00000000 ____A C:\Windows\SysWOW64\sho17B4.tmp 2013-06-28 09:26 - 2013-06-28 09:26 - 00000000 ____D C:\Users\KL\AppData\Local\{CFA7FDB2-1A79-4822-AD29-76C737385ECC} 2013-06-28 09:19 - 2013-06-28 09:19 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum 2013-06-27 20:34 - 2013-06-27 20:34 - 00000000 ____D C:\Users\KL\AppData\Local\{9A77776E-F275-436C-9C1D-D9AC165DD28D} 2013-06-27 06:11 - 2013-06-27 06:11 - 00000000 ____D C:\Users\KL\AppData\Local\{C0DA04C7-1123-4660-B027-ECFB2820C83C} 2013-06-26 20:09 - 2013-06-28 09:19 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum 2013-06-26 20:09 - 2013-06-28 09:19 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum 2013-06-26 14:15 - 2013-06-26 20:15 - 00000000 ____D C:\Users\KL\AppData\Roaming\Spotify 2013-06-26 14:15 - 2013-06-26 20:03 - 00000000 ____D C:\Users\KL\AppData\Local\Spotify 2013-06-26 14:15 - 2013-06-26 14:15 - 00092776 ____A (Spotify Ltd) C:\Users\KL\Downloads\SpotifySetup.exe 2013-06-26 14:15 - 2013-06-26 14:15 - 00001797 ____A C:\Users\KL\Desktop\Spotify.lnk 2013-06-26 09:46 - 2013-06-26 09:46 - 00000000 ____D C:\Users\KL\AppData\Local\{750B1BE6-A929-4C84-BB6E-09F50DF9D895} 2013-06-25 20:35 - 2013-06-25 20:36 - 00000000 ____D C:\Users\KL\AppData\Local\{385B1D85-05C6-4ABF-90B6-5465CC7F7116} 2013-06-25 07:21 - 2013-06-25 07:21 - 00000000 ____D C:\Users\KL\AppData\Local\{B0149D2C-757C-4819-B918-7E99B1DC537E} 2013-06-24 08:35 - 2013-06-24 08:35 - 00000000 ____D C:\Users\KL\AppData\Local\{8C712414-2F34-48E1-AE43-AA4264F8FB7E} 2013-06-23 10:58 - 2013-06-23 10:58 - 00000000 ____D C:\Users\KL\AppData\Local\{135240E4-6219-4DD7-8FE3-B13829262EB7} 2013-06-22 10:49 - 2013-06-22 10:49 - 00000000 ____D C:\Users\KL\AppData\Local\{0F4072A4-6D50-4F9B-9302-28523C6769D8} 2013-06-21 08:58 - 2013-06-21 08:59 - 00000000 ____D C:\Users\KL\AppData\Local\{CE55D110-9D3D-4BAE-915D-94FAE4E0525E} 2013-06-20 06:25 - 2013-06-20 06:25 - 00000000 ____D C:\Users\KL\AppData\Local\{0337032C-CE74-4BF9-A051-BCDDF53E71F7} 2013-06-19 10:47 - 2013-06-19 10:48 - 00000000 ____D C:\Users\KL\AppData\Local\{08095C17-CC0A-4CC5-BEE2-61C32719E3AC} 2013-06-18 21:03 - 2013-06-18 21:03 - 00000000 ____D C:\Users\KL\AppData\Local\{54BF51E9-481A-4449-8246-82075FD20556} 2013-06-18 08:41 - 2013-06-18 08:41 - 00000000 ____D C:\Users\KL\AppData\Local\{968236A0-CCFE-4F96-84AB-C74704E68B7F} 2013-06-17 20:40 - 2013-06-17 20:40 - 00000000 ____D C:\Users\KL\AppData\Local\{90A0CB26-3F0E-4A33-ACA9-02566382D85D} 2013-06-17 08:00 - 2013-06-17 08:00 - 00000000 ____D C:\Users\KL\AppData\Local\{0B935A78-010A-4916-A054-B16200327490} 2013-06-16 10:35 - 2013-06-16 10:35 - 00000000 ____D C:\Users\KL\AppData\Local\{2CD769BF-A91C-4496-A4E5-429D91D0E498} 2013-06-15 08:35 - 2013-06-15 08:35 - 00000000 ____D C:\Users\KL\AppData\Local\{8877A9B6-D0E9-4F83-B472-A4078D29DEF2} 2013-06-14 20:01 - 2013-06-14 20:01 - 00000000 ____D C:\Users\KL\AppData\Local\{9CA246B0-C74E-4FFB-9C82-84461A2FC94D} 2013-06-14 06:31 - 2013-06-14 06:31 - 00000000 ____D C:\Users\KL\AppData\Local\{F08E8DDB-1493-413C-ADCF-752611B1D6B3} 2013-06-13 09:15 - 2013-06-13 09:15 - 00000000 ____D C:\Users\KL\AppData\Local\{F0C91894-823B-4AFF-9065-A29277231782} 2013-06-12 21:05 - 2013-06-12 21:05 - 00000000 ____D C:\Users\KL\AppData\Local\{BFEC4930-8E01-48AC-A33B-24D15C898BCA} 2013-06-12 12:24 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-12 12:24 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-12 12:24 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-12 12:24 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-12 12:24 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-12 12:24 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-06-12 12:24 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-06-12 12:24 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-12 12:24 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-06-12 12:24 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-06-12 12:24 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-12 12:24 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-12 12:24 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-12 12:24 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-12 12:24 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-12 12:24 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-12 12:24 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-12 12:24 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-12 12:24 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-12 12:24 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-12 12:24 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-12 12:24 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-06-12 12:24 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-06-12 12:24 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-12 12:24 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-12 12:24 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-06-12 12:24 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-06-12 12:24 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-12 12:24 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-12 12:24 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-12 12:24 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-12 12:24 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-12 11:51 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-12 11:51 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-12 11:51 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-12 11:51 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-12 11:51 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-12 11:51 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-12 11:51 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-12 11:51 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-12 11:51 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-12 11:51 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-12 11:51 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-12 11:51 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-12 11:51 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-12 11:51 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-12 11:51 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-12 11:51 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-12 11:51 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-12 11:51 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-12 11:51 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-12 06:58 - 2013-06-12 06:59 - 00000000 ____D C:\Users\KL\AppData\Local\{656AE287-3423-4C0A-8F89-7FCA1CD1E918} 2013-06-11 17:17 - 2013-06-11 17:18 - 00000000 ____D C:\Users\KL\Desktop\Kroatien 2013-06-11 09:15 - 2013-06-11 09:15 - 00000000 ____D C:\Users\KL\AppData\Local\{B053369F-64AD-4A75-8E29-8A29BE0FCB1E} 2013-06-10 07:01 - 2013-06-10 07:02 - 00000000 ____D C:\Users\KL\AppData\Local\{8601DF17-86F2-4659-A264-2C089DE57846} 2013-06-09 09:23 - 2013-06-09 09:23 - 00000000 ____D C:\Users\KL\AppData\Local\{96DE9CBD-4582-4AAD-9B26-48089F21CCC5} 2013-06-08 07:58 - 2013-06-08 07:58 - 00000000 ____D C:\Users\KL\AppData\Local\{13937E5C-7E8B-4315-AC62-B3E52AB4AD15} 2013-06-07 19:44 - 2013-06-07 19:44 - 00000000 ____D C:\Users\KL\AppData\Local\{03F7089E-0854-4522-AEAD-0D19DE3CD276} 2013-06-07 07:43 - 2013-06-07 07:43 - 00000000 ____D C:\Users\KL\AppData\Local\{B6750ED3-85BE-4360-8335-CC5C74AC15DE} 2013-06-06 13:22 - 2013-06-06 13:22 - 00000000 ____D C:\Users\KL\AppData\Local\{45E4F691-D602-42BA-AAD0-30DF14600C27} 2013-06-05 20:32 - 2013-06-05 20:32 - 00000000 ____D C:\Users\KL\AppData\Local\{3DF929E1-8F62-4A91-ACA9-708DA5DF6893} 2013-06-05 07:53 - 2013-06-05 07:53 - 00000000 ____D C:\Users\KL\AppData\Local\{7C47D539-3981-407C-8C81-722DF957ABB0} 2013-06-04 07:49 - 2013-06-04 07:49 - 00000000 ____D C:\Users\KL\AppData\Local\{0E1E4655-C9C1-40D2-8A86-A031C44C4510} 2013-06-03 08:45 - 2013-06-03 08:45 - 00000000 ____D C:\Users\KL\AppData\Local\{6E736E60-40F7-4263-9C9D-5CBD1D0E783D} 2013-06-02 08:43 - 2013-06-02 08:43 - 00000000 ____D C:\Users\KL\AppData\Local\{8DEED866-F926-4ED6-828B-055345150854} 2013-06-01 19:07 - 2013-06-01 19:07 - 00000000 ____D C:\Users\KL\AppData\Local\{193A4809-ECFC-4A12-8D01-08EE4FE3D60B} 2013-05-31 22:25 - 2013-05-31 22:25 - 00000000 ____D C:\Users\KL\AppData\Local\{74E9D6A2-9C05-4F48-8552-42F07D7AE419} 2013-05-31 08:41 - 2013-05-31 08:41 - 00000000 ____D C:\Users\KL\AppData\Local\{0A24FA7E-E7CF-4FA8-9037-58F759684020} ==================== One Month Modified Files and Folders ======= 2013-06-30 16:14 - 2013-06-30 16:14 - 00000000 ____D C:\FRST 2013-06-30 16:13 - 2013-06-30 16:13 - 01933592 ____A (Farbar) C:\Users\KL\Downloads\FRST64.exe 2013-06-30 16:09 - 2012-07-17 12:33 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-30 16:09 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-30 16:09 - 2009-07-14 06:51 - 00133609 ____A C:\Windows\setupact.log 2013-06-30 13:51 - 2012-05-07 22:23 - 01165483 ____A C:\Windows\WindowsUpdate.log 2013-06-30 13:23 - 2012-04-20 13:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-30 13:09 - 2012-07-17 12:33 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-30 12:15 - 2013-06-30 12:15 - 00010618 ____A C:\Users\KL\Desktop\gmer.zip 2013-06-30 12:13 - 2013-06-30 12:13 - 00000000 ____D C:\Program Files (x86)\7-Zip 2013-06-30 12:12 - 2013-06-30 12:12 - 01110476 ____A C:\Users\KL\Downloads\7z920.exe 2013-06-30 11:33 - 2013-06-30 11:33 - 00180774 ____A C:\Users\KL\Desktop\gmer.txt 2013-06-30 10:45 - 2013-06-30 10:45 - 00377856 ____A C:\Users\KL\Downloads\gmer_2.1.19163.exe 2013-06-30 10:33 - 2013-06-30 10:33 - 00099152 ____A C:\Users\KL\Desktop\Extras.Txt 2013-06-30 10:32 - 2013-06-30 10:32 - 00091106 ____A C:\Users\KL\Desktop\OTL.Txt 2013-06-30 10:25 - 2013-06-30 10:25 - 00602112 ____A (OldTimer Tools) C:\Users\KL\Downloads\OTL.exe 2013-06-30 10:24 - 2013-06-30 10:24 - 00000466 ____A C:\Users\KL\Downloads\defogger_disable.log 2013-06-30 10:24 - 2013-06-30 10:24 - 00000000 ____A C:\Users\KL\defogger_reenable 2013-06-30 10:24 - 2012-07-17 12:18 - 00000000 ____D C:\users\KL 2013-06-30 10:22 - 2013-06-30 10:22 - 00050477 ____A C:\Users\KL\Downloads\Defogger.exe 2013-06-30 08:46 - 2013-06-30 08:46 - 00000000 ____D C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board_files 2013-06-30 08:46 - 2013-06-30 08:45 - 00060170 ____A C:\Users\KL\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten - Trojaner-Board.htm 2013-06-30 07:40 - 2013-06-30 07:40 - 00001073 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-06-30 07:40 - 2013-06-30 07:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-06-30 07:40 - 2013-06-30 07:39 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\KL\Downloads\mbam-setup-1.75.0.1300.exe 2013-06-30 06:56 - 2013-06-30 06:56 - 00000000 ____D C:\Users\KL\AppData\Local\{4440E346-1E80-4894-8B31-7368D71E4341} 2013-06-30 06:34 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-30 06:34 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-29 09:39 - 2013-06-29 09:39 - 00000000 ____D C:\Users\KL\AppData\Local\{A8CE771A-347C-413B-ADDB-09BE33C9314E} 2013-06-28 17:22 - 2013-06-28 17:22 - 00000000 ____A C:\Windows\SysWOW64\sho17B4.tmp 2013-06-28 09:26 - 2013-06-28 09:26 - 00000000 ____D C:\Users\KL\AppData\Local\{CFA7FDB2-1A79-4822-AD29-76C737385ECC} 2013-06-28 09:19 - 2013-06-28 09:19 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum 2013-06-28 09:19 - 2013-06-26 20:09 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum 2013-06-28 09:19 - 2013-06-26 20:09 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum 2013-06-28 09:19 - 2013-03-18 16:03 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys 2013-06-28 09:19 - 2012-10-30 13:51 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys 2013-06-28 09:19 - 2012-10-30 13:51 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys 2013-06-27 20:34 - 2013-06-27 20:34 - 00000000 ____D C:\Users\KL\AppData\Local\{9A77776E-F275-436C-9C1D-D9AC165DD28D} 2013-06-27 16:09 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT 2013-06-27 06:11 - 2013-06-27 06:11 - 00000000 ____D C:\Users\KL\AppData\Local\{C0DA04C7-1123-4660-B027-ECFB2820C83C} 2013-06-26 20:15 - 2013-06-26 14:15 - 00000000 ____D C:\Users\KL\AppData\Roaming\Spotify 2013-06-26 20:03 - 2013-06-26 14:15 - 00000000 ____D C:\Users\KL\AppData\Local\Spotify 2013-06-26 14:15 - 2013-06-26 14:15 - 00092776 ____A (Spotify Ltd) C:\Users\KL\Downloads\SpotifySetup.exe 2013-06-26 14:15 - 2013-06-26 14:15 - 00001797 ____A C:\Users\KL\Desktop\Spotify.lnk 2013-06-26 09:46 - 2013-06-26 09:46 - 00000000 ____D C:\Users\KL\AppData\Local\{750B1BE6-A929-4C84-BB6E-09F50DF9D895} 2013-06-25 20:36 - 2013-06-25 20:35 - 00000000 ____D C:\Users\KL\AppData\Local\{385B1D85-05C6-4ABF-90B6-5465CC7F7116} 2013-06-25 07:21 - 2013-06-25 07:21 - 00000000 ____D C:\Users\KL\AppData\Local\{B0149D2C-757C-4819-B918-7E99B1DC537E} 2013-06-24 08:35 - 2013-06-24 08:35 - 00000000 ____D C:\Users\KL\AppData\Local\{8C712414-2F34-48E1-AE43-AA4264F8FB7E} 2013-06-23 10:58 - 2013-06-23 10:58 - 00000000 ____D C:\Users\KL\AppData\Local\{135240E4-6219-4DD7-8FE3-B13829262EB7} 2013-06-22 10:49 - 2013-06-22 10:49 - 00000000 ____D C:\Users\KL\AppData\Local\{0F4072A4-6D50-4F9B-9302-28523C6769D8} 2013-06-21 08:59 - 2013-06-21 08:58 - 00000000 ____D C:\Users\KL\AppData\Local\{CE55D110-9D3D-4BAE-915D-94FAE4E0525E} 2013-06-21 08:12 - 2012-07-17 12:34 - 00002147 ____A C:\Users\Public\Desktop\Google Chrome.lnk 2013-06-20 06:25 - 2013-06-20 06:25 - 00000000 ____D C:\Users\KL\AppData\Local\{0337032C-CE74-4BF9-A051-BCDDF53E71F7} 2013-06-19 10:48 - 2013-06-19 10:47 - 00000000 ____D C:\Users\KL\AppData\Local\{08095C17-CC0A-4CC5-BEE2-61C32719E3AC} 2013-06-18 21:03 - 2013-06-18 21:03 - 00000000 ____D C:\Users\KL\AppData\Local\{54BF51E9-481A-4449-8246-82075FD20556} 2013-06-18 08:41 - 2013-06-18 08:41 - 00000000 ____D C:\Users\KL\AppData\Local\{968236A0-CCFE-4F96-84AB-C74704E68B7F} 2013-06-17 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-17 20:40 - 2013-06-17 20:40 - 00000000 ____D C:\Users\KL\AppData\Local\{90A0CB26-3F0E-4A33-ACA9-02566382D85D} 2013-06-17 08:00 - 2013-06-17 08:00 - 00000000 ____D C:\Users\KL\AppData\Local\{0B935A78-010A-4916-A054-B16200327490} 2013-06-16 10:35 - 2013-06-16 10:35 - 00000000 ____D C:\Users\KL\AppData\Local\{2CD769BF-A91C-4496-A4E5-429D91D0E498} 2013-06-15 08:35 - 2013-06-15 08:35 - 00000000 ____D C:\Users\KL\AppData\Local\{8877A9B6-D0E9-4F83-B472-A4078D29DEF2} 2013-06-14 20:01 - 2013-06-14 20:01 - 00000000 ____D C:\Users\KL\AppData\Local\{9CA246B0-C74E-4FFB-9C82-84461A2FC94D} 2013-06-14 07:08 - 2012-05-08 08:16 - 00654622 ____A C:\Windows\System32\perfh007.dat 2013-06-14 07:08 - 2012-05-08 08:16 - 00130204 ____A C:\Windows\System32\perfc007.dat 2013-06-14 07:08 - 2009-07-14 07:13 - 01500018 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-14 06:31 - 2013-06-14 06:31 - 00000000 ____D C:\Users\KL\AppData\Local\{F08E8DDB-1493-413C-ADCF-752611B1D6B3} 2013-06-13 09:15 - 2013-06-13 09:15 - 00000000 ____D C:\Users\KL\AppData\Local\{F0C91894-823B-4AFF-9065-A29277231782} 2013-06-12 21:05 - 2013-06-12 21:05 - 00000000 ____D C:\Users\KL\AppData\Local\{BFEC4930-8E01-48AC-A33B-24D15C898BCA} 2013-06-12 12:23 - 2012-04-20 13:04 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-12 12:23 - 2012-04-20 13:04 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-12 12:22 - 2012-08-22 10:24 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-12 06:59 - 2013-06-12 06:58 - 00000000 ____D C:\Users\KL\AppData\Local\{656AE287-3423-4C0A-8F89-7FCA1CD1E918} 2013-06-11 17:18 - 2013-06-11 17:17 - 00000000 ____D C:\Users\KL\Desktop\Kroatien 2013-06-11 09:15 - 2013-06-11 09:15 - 00000000 ____D C:\Users\KL\AppData\Local\{B053369F-64AD-4A75-8E29-8A29BE0FCB1E} 2013-06-10 07:02 - 2013-06-10 07:01 - 00000000 ____D C:\Users\KL\AppData\Local\{8601DF17-86F2-4659-A264-2C089DE57846} 2013-06-09 09:23 - 2013-06-09 09:23 - 00000000 ____D C:\Users\KL\AppData\Local\{96DE9CBD-4582-4AAD-9B26-48089F21CCC5} 2013-06-08 07:58 - 2013-06-08 07:58 - 00000000 ____D C:\Users\KL\AppData\Local\{13937E5C-7E8B-4315-AC62-B3E52AB4AD15} 2013-06-07 19:44 - 2013-06-07 19:44 - 00000000 ____D C:\Users\KL\AppData\Local\{03F7089E-0854-4522-AEAD-0D19DE3CD276} 2013-06-07 07:43 - 2013-06-07 07:43 - 00000000 ____D C:\Users\KL\AppData\Local\{B6750ED3-85BE-4360-8335-CC5C74AC15DE} 2013-06-06 13:22 - 2013-06-06 13:22 - 00000000 ____D C:\Users\KL\AppData\Local\{45E4F691-D602-42BA-AAD0-30DF14600C27} 2013-06-05 20:32 - 2013-06-05 20:32 - 00000000 ____D C:\Users\KL\AppData\Local\{3DF929E1-8F62-4A91-ACA9-708DA5DF6893} 2013-06-05 07:53 - 2013-06-05 07:53 - 00000000 ____D C:\Users\KL\AppData\Local\{7C47D539-3981-407C-8C81-722DF957ABB0} 2013-06-04 07:49 - 2013-06-04 07:49 - 00000000 ____D C:\Users\KL\AppData\Local\{0E1E4655-C9C1-40D2-8A86-A031C44C4510} 2013-06-03 08:45 - 2013-06-03 08:45 - 00000000 ____D C:\Users\KL\AppData\Local\{6E736E60-40F7-4263-9C9D-5CBD1D0E783D} 2013-06-02 08:43 - 2013-06-02 08:43 - 00000000 ____D C:\Users\KL\AppData\Local\{8DEED866-F926-4ED6-828B-055345150854} 2013-06-01 19:07 - 2013-06-01 19:07 - 00000000 ____D C:\Users\KL\AppData\Local\{193A4809-ECFC-4A12-8D01-08EE4FE3D60B} 2013-05-31 22:25 - 2013-05-31 22:25 - 00000000 ____D C:\Users\KL\AppData\Local\{74E9D6A2-9C05-4F48-8552-42F07D7AE419} 2013-05-31 08:41 - 2013-05-31 08:41 - 00000000 ____D C:\Users\KL\AppData\Local\{0A24FA7E-E7CF-4FA8-9037-58F759684020} ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-25 09:10 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2013 01 Ran by KL at 2013-06-30 16:15:24 Running from C:\Users\KL\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= ???? ??? Windows Live (x32 Version: 15.4.3502.0922) ???? Windows Live (x32 Version: 15.4.3502.0922) ?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922) ???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922) ?????????? Windows Live (x32 Version: 15.4.3502.0922) ??????????? ?? Windows Live (x32 Version: 15.4.3502.0922) 7-Zip 9.20 (x32) Acer Backup Manager (x32 Version: 3.0.0.100) Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00) Acer ePower Management (x32 Version: 6.00.3010) Acer eRecovery Management (x32 Version: 5.00.3508) Acer Instant Update Service (Version: 1.00.3004) Adobe AIR (x32 Version: 3.7.0.2090) Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7) ALPS Touch Pad Driver (Version: 7.109.2020.209) Atheros Bluetooth Suite (64) (Version: 7.4.0.126) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.0.8.8) avast! Free Antivirus (x32 Version: 8.0.1489.0) Backup Manager V3 (x32 Version: 3.0.0.100) D3DX10 (x32 Version: 15.4.2368.0902) Dolby Home Theater v4 (x32 Version: 7.2.7000.7) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922) Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Galerie foto Windows Live (x32 Version: 15.4.3502.0922) Google Chrome (x32 Version: 27.0.1453.116) Google Earth Plug-in (x32 Version: 7.0.3.8542) Google Update Helper (x32 Version: 1.3.21.145) Identity Card (x32 Version: 1.00.3501) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 8.0.0.1351) Intel(R) OpenCL CPU Runtime (x32) Intel(R) Processor Graphics (x32 Version: 8.15.10.2653) Intel(R) Rapid Storage Technology (x32 Version: 11.0.0.1032) Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220) Intel® Trusted Connect Service Client (Version: 1.23.216.0) Junk Mail filter update (x32 Version: 15.4.3502.0922) Launch Manager (x32 Version: 5.1.15) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5139.5005) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) NTI Media Maker 9 (x32 Version: 9.0.2.9006) NVIDIA Grafiktreiber 296.32 (Version: 296.32) NVIDIA Install Application (Version: 2.1002.62.312) NVIDIA Optimus 1.7.12 (Version: 1.7.12) NVIDIA PhysX (x32 Version: 9.11.1111) NVIDIA Systemsteuerung 296.32 (Version: 296.32) NVIDIA Update 1.7.12 (Version: 1.7.12) NVIDIA Update Components (Version: 1.7.12) Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Pošta Windows Live (x32 Version: 15.4.3502.0922) Qualcomm Atheros Direct Connect (x32 Version: 3.1) Qualcomm Atheros WiFi Driver Installation (x32 Version: 3.1) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6570) Realtek PCIE Card Reader (x32 Version: 6.1.7601.85) S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922) Spotify (HKCU Version: 0.9.1.53.g876fa9df) Steam (x32 Version: 1.0.0.0) Trillian (x32) Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (Version: 2.5.1.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) VLC media player 2.0.3 (x32 Version: 2.0.3) Winamp (x32 Version: 5.63 ) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1) Windows Live ??? (x32 Version: 15.4.3502.0922) Windows Live ???? (x32 Version: 15.4.3502.0922) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3538.0513) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922) Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922) Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3538.0513) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922) Windows Liven sähköposti (x32 Version: 15.4.3502.0922) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922) Windows Mobile Device Updater Component (Version: 04.08.2345.00) Zune (Version: 04.08.2345.00) Zune Language Pack (CHS) (Version: 04.08.2345.00) Zune Language Pack (CHT) (Version: 04.08.2345.00) Zune Language Pack (CSY) (Version: 04.08.2345.00) Zune Language Pack (DAN) (Version: 04.08.2345.00) Zune Language Pack (DEU) (Version: 04.08.2345.00) Zune Language Pack (ELL) (Version: 04.08.2345.00) Zune Language Pack (ESP) (Version: 04.08.2345.00) Zune Language Pack (FIN) (Version: 04.08.2345.00) Zune Language Pack (FRA) (Version: 04.08.2345.00) Zune Language Pack (HUN) (Version: 04.08.2345.00) Zune Language Pack (IND) (Version: 04.08.2345.00) Zune Language Pack (ITA) (Version: 04.08.2345.00) Zune Language Pack (JPN) (Version: 04.08.2345.00) Zune Language Pack (KOR) (Version: 04.08.2345.00) Zune Language Pack (MSL) (Version: 04.08.2345.00) Zune Language Pack (NLD) (Version: 04.08.2345.00) Zune Language Pack (NOR) (Version: 04.08.2345.00) Zune Language Pack (PLK) (Version: 04.08.2345.00) Zune Language Pack (PTB) (Version: 04.08.2345.00) Zune Language Pack (PTG) (Version: 04.08.2345.00) Zune Language Pack (RUS) (Version: 04.08.2345.00) Zune Language Pack (SVE) (Version: 04.08.2345.00) ==================== Restore Points ========================= 04-06-2013 05:46:57 Windows Update 08-06-2013 05:54:29 Windows Update 11-06-2013 07:09:31 Windows Update 12-06-2013 10:21:32 Windows Update 19-06-2013 05:11:43 Windows Update 26-06-2013 07:36:49 Windows Update ==================== Scheduled Tasks (whitelisted) ============= Task: {0521FB00-B6E5-4FBF-8D1D-5ADE97A61C0C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {41336214-302E-4A90-96FC-667F3BF14586} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {5F1C1B54-F690-49DA-8A0A-DBFD0D388089} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {B21BD84A-4448-4D9B-9684-5D6845D46443} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.) Task: {BB87FB1D-0593-4564-A267-2B6CA1C742CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated) Task: {CCCBCBE6-24A7-471B-8B47-9CDBE7520CE6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/30/2013 04:10:33 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2013 06:27:34 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 08:15:39 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 06:31:57 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 04:00:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 09:01:20 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 10:59:17 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 05:22:55 PM) (Source: CVHSVC) (User: ) Description: Nur zur Information. Error: Failed to verify XML signature. 0x80070013 Type: 94::InvalidSignature. Error: (06/28/2013 05:12:55 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 09:18:34 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/30/2013 01:51:23 PM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/26/2013 08:50:49 PM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x80004005 Error: (06/25/2013 10:09:09 AM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/19/2013 09:01:49 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/16/2013 10:48:32 AM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/15/2013 08:23:14 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/22/2013 08:57:29 PM) (Source: DCOM) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/21/2013 00:08:53 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/20/2013 10:24:21 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/20/2013 08:48:05 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= Error: (06/30/2013 04:10:33 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2013 06:27:34 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 08:15:39 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 06:31:57 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 04:00:47 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2013 09:01:20 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 10:59:17 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 05:22:55 PM) (Source: CVHSVC)(User: ) Description: Error: Failed to verify XML signature. 0x80070013 Type: 94::InvalidSignature. Error: (06/28/2013 05:12:55 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2013 09:18:34 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 56% Total physical RAM: 3934.36 MB Available physical RAM: 1693.78 MB Total Pagefile: 7866.89 MB Available Pagefile: 5293.11 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:450.16 GB) (Free:62.24 GB) NTFS (Disk=0 Partition=3) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0C8E1AEB) Partition 1: (Not Active) - (Size=16 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
30.06.2013, 16:05 | #4 |
/// the machine /// TB-Ausbilder | Avast meldet permanent "Bösartige Website blockiert" Rechner ist sauber, das ist ein Problem mit Avast. Schau mal ob es bereits ein neues Update gibt.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
30.06.2013, 18:16 | #5 |
| Avast meldet permanent "Bösartige Website blockiert" Oh wow, damit habe ich nicht mehr gerechnet. Ich dachte schon, es wird aufs formatieren hinauslaufen... Vielen, vielen Dank! |
30.06.2013, 19:30 | #6 |
/// the machine /// TB-Ausbilder | Avast meldet permanent "Bösartige Website blockiert" Nee, ein Problem bei Avast oder bei Google auf dem Server, ich tippe auf Avast.
__________________ --> Avast meldet permanent "Bösartige Website blockiert" |
Themen zu Avast meldet permanent "Bösartige Website blockiert" |
adobe, adobe flash player, antivirus, avast, bho, blockiert, bösartige website, desktop, explorer, firefox, flash player, format, home, install.exe, launch, logfile, malwarebytes, microsoft, microsoft office starter 2010, nvidia, nvpciflt.sys, plug-in, port, programme, realtek, registry, scan, security, software, spotify web helper, usb, windows, wscript.exe |