| |
| |||||||
Log-Analyse und Auswertung: Habe mir ebenfalls TR/Kazy.mekml.1 eingefangenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
21.04.2011, 07:29
| #1 |
 |  Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Hallo, Ich habe mir heute Nacht ebenfalls den Virus TR/Kazy.mekml.1 eingefangen, obwohl ich nicht bewusst Dateien heruntergeladen habe, sondern nur gesurft habe. Und das auch noch auf legalen Seiten. Jedenfalls hab ich hier die anderen Threads durchgelesen und deshalb mit OTL die Logfiles erstellt. Mein System ist Vista 32Bit. Ich hoffe Ihr könnt mir helfen, ich habe reihenweise wichtige Dateien auf der Platte und ärger mich gerade grün und blau, dass ich lange nichts mehr gesichert habe. Ich hoffe, ich habe keine Schritte übersehen, die ich schon mal ausführen könnte. Mein Antivir hat genau diesen Virus gemeldet, und Dateien mit immer wieder neuem Namen lokalisiert, wie zB c:\programdata\4148938.exe Fast alle Dateien sind unsichtbar. Falls es eine ganz einfache Möglichkeit gäbe, meine Dateien bedenkenlos zu sichern, wäre ich über entsprechende Informationen überaus dankbar! Hier die Logfiles: OTL.txt: Code:
ATTFilter OTL logfile created on: 21.04.2011 07:58:48 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Michael\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 122,59 Gb Total Space | 14,64 Gb Free Space | 11,94% Space Free | Partition Type: NTFS Drive D: | 26,45 Gb Total Space | 17,16 Gb Free Space | 64,89% Space Free | Partition Type: FAT32 Computer Name: MICHI2485 | User Name: Michael | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Michael\Desktop\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\UEBeSifOsb.exe (WinTrust) PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe (Google) PRC - C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.) PRC - C:\Programme\Launch Manager\WButton.exe (Wistron) PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Launch Manager\LaunchAp.exe () PRC - C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH) PRC - c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH) PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) PRC - C:\Programme\Launch Manager\OSD.exe (Wistron Corp.) PRC - C:\Windows\System32\attrib.exe (Microsoft Corporation) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Stonesoft\StoneGate VPN Client\gatekeeper.exe (Stonesoft Corp.) PRC - C:\Programme\Stonesoft\StoneGate VPN Client\stonegate.exe (Stonesoft Corp.) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Modules (SafeList) ========== MOD - C:\Users\Michael\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_a35e6b9.dll () SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe (Google) SRV - (WisLMSvc) -- C:\Program Files\Launch Manager\WisLMSvc.exe (Wistron Corp.) SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (SGClient) -- C:\Program Files\Stonesoft\StoneGate VPN Client\gatekeeper.exe (Stonesoft Corp.) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe (MAGIX®) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (RMCAST) RMCAST (Pgm) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (Cam5607) -- C:\Windows\System32\drivers\BisonC07.sys (Bison Electronics. Inc. ) DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (PhilCap) -- C:\Windows\System32\drivers\PhilCap.sys (NXP Semiconductors Germany GmbH) DRV - (Si3531) -- C:\Windows\system32\DRIVERS\Si3531.sys (Silicon Image, Inc) DRV - (SiFilter) -- C:\Windows\system32\DRIVERS\SiWinAcc.sys (Silicon Image, Inc.) DRV - (SiRemFil) -- C:\Windows\system32\DRIVERS\SiRemFil.sys (Silicon Image, Inc.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation) DRV - (se59mdm) -- C:\Windows\System32\drivers\se59mdm.sys (MCCI) DRV - (se59mdfl) -- C:\Windows\System32\drivers\se59mdfl.sys (MCCI) DRV - (se59bus) Sony Ericsson Device 089 driver (WDM) -- C:\Windows\System32\drivers\se59bus.sys (MCCI) DRV - (Hotkey) -- C:\Windows\System32\drivers\HOTKEY.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1103171414\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: mil@toolbar:1.0.0 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.26 12:48:14 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.26 12:48:14 | 000,000,000 | ---D | M] [2008.10.18 16:06:23 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions [2011.04.21 02:39:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\x6gdhua4.default\extensions [2009.09.03 15:47:46 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\x6gdhua4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.03.17 15:14:31 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\x6gdhua4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.08.18 14:23:52 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\x6gdhua4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.24 20:57:29 | 000,000,000 | -H-D | M] (MakeItLive) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\x6gdhua4.default\extensions\mil@toolbar [2011.04.17 23:25:19 | 000,001,056 | -H-- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\x6gdhua4.default\searchplugins\icqplugin.xml [2009.09.15 01:25:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2008.10.18 16:06:01 | 000,000,000 | ---D | M] (Firefox Companion for eBay) -- C:\Programme\Mozilla Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2009.09.02 21:50:44 | 000,000,000 | ---D | M] (DVDVideoSoft YouTube Download Firefox Integration) -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\DLL\FFCONTEXTMENUY [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1103171414\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1103171414\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CtrlVol] File not found O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe () O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( ) O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [UEBeSifOsb] C:\ProgramData\UEBeSifOsb.exe (WinTrust) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SheepDog.lnk = C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}\SheepDog.exe (Josh Sklare) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: tum.de ([www.elearning] https in Trusted sites) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.10.26 20:21:50 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{18f7b24b-05f7-11e0-a0e1-0016d386363a}\Shell - "" = AutoRun O33 - MountPoints2\{18f7b24b-05f7-11e0-a0e1-0016d386363a}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{bbf307ac-3e6c-11df-911d-0016d386363a}\Shell - "" = AutoRun O33 - MountPoints2\{bbf307ac-3e6c-11df-911d-0016d386363a}\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.21 07:28:33 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe [2011.04.21 05:14:54 | 000,000,000 | -H-D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery [2011.04.21 03:50:53 | 000,569,344 | -H-- | C] (WinTrust) -- C:\ProgramData\UEBeSifOsb.exe [2011.04.21 01:59:06 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\Michis Bewerbung [2011.04.20 17:14:59 | 000,000,000 | -H-D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft Corporation [2011.04.19 16:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.04.18 22:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework [2011.04.18 22:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework [2011.04.18 22:26:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\PreEmptive Solutions [2011.04.18 22:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK [2011.04.18 22:22:25 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight [2011.04.18 22:19:46 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft ASP.NET [2011.04.18 22:19:41 | 000,000,000 | ---D | C] -- C:\Programme\IIS [2011.04.18 22:17:54 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Documents\Visual Studio 2008 [2011.04.18 22:00:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033 [2011.04.18 22:00:01 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2011.04.18 21:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SDKs [2011.04.18 21:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft F# [2011.04.18 21:59:34 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Merge Modules [2011.04.18 21:59:34 | 000,000,000 | ---D | C] -- C:\Programme\HTML Help Workshop [2011.04.18 21:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 [2011.04.18 21:56:09 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 9.0 [2011.04.15 13:48:27 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.15 13:48:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.15 13:47:41 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.15 13:47:41 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.15 13:47:24 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.15 13:47:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.15 13:47:11 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.15 13:47:10 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.15 13:47:10 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.15 13:47:10 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.15 13:47:10 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.15 13:47:10 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.15 13:47:10 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.15 13:47:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2011.04.15 13:47:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.15 13:46:59 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.15 13:46:55 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.15 13:46:55 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.13 16:09:56 | 000,000,000 | -H-D | C] -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArtCursors [2011.04.13 16:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtCursors [2011.04.13 16:09:47 | 000,000,000 | ---D | C] -- C:\Programme\ArtCursors [2011.04.13 15:48:03 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\mannisgame [2011.04.13 04:44:36 | 000,000,000 | -H-D | C] -- C:\Users\Michael\AppData\Roaming\gtk-2.0 [2011.04.13 04:44:24 | 000,000,000 | -H-D | C] -- C:\Users\Michael\.thumbnails [2011.04.13 04:42:14 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Documents\gegl-0.0 [2011.04.13 04:42:14 | 000,000,000 | -H-D | C] -- C:\Users\Michael\.gimp-2.6 [2011.04.13 04:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.04.13 04:41:15 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0 [2011.04.13 04:39:08 | 020,240,744 | -H-- | C] (The GIMP Team ) -- C:\Users\Michael\Desktop\gimp-2.6.11-i686-setup.exe [2011.04.11 22:11:16 | 000,000,000 | -H-D | C] -- C:\Users\Michael\share [2011.04.11 13:52:12 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\testgame [2011.04.09 11:23:25 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\Programmcodes [2011.04.06 17:25:38 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\Sys-Ex-ModelEditor [2011.04.06 15:28:06 | 000,000,000 | ---D | C] -- C:\Programme\Hex-Editor MX [2011.04.06 15:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX [2011.04.02 13:29:03 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\Texture-Pack [2011.04.01 14:14:13 | 000,000,000 | ---D | C] -- C:\AAA [2011.03.31 21:09:25 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\bac-CD [2011.03.30 15:13:14 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\elektronix [2011.03.30 11:08:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.03.30 11:08:08 | 000,000,000 | ---D | C] -- C:\Programme\LogMeIn Hamachi [2011.03.23 23:28:16 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\verteidigung [2011.03.22 20:12:14 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\Bachelor-Powerpoint [2011.03.22 19:10:07 | 000,000,000 | -H-D | C] -- C:\Users\Michael\Desktop\zeug [2008.11.16 01:55:05 | 000,047,360 | -H-- | C] (VSO Software) -- C:\Users\Michael\AppData\Roaming\pcouffin.sys [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.21 07:57:53 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe [2011.04.21 07:49:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.21 07:49:19 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.21 07:49:19 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.21 07:49:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.21 07:49:09 | 2135,384,064 | -HS- | M] () -- C:\hiberfil.sys [2011.04.21 07:32:24 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.21 03:50:52 | 000,569,344 | -H-- | M] (WinTrust) -- C:\ProgramData\UEBeSifOsb.exe [2011.04.21 01:19:09 | 000,739,234 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.21 01:19:09 | 000,687,984 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.21 01:19:09 | 000,173,254 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.21 01:19:09 | 000,140,906 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.21 01:04:06 | 000,002,403 | -H-- | M] () -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SheepDog.lnk [2011.04.16 16:59:03 | 000,539,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.14 18:56:11 | 000,173,057 | -H-- | M] () -- C:\Users\Michael\Desktop\VBSamples2005.zip [2011.04.14 17:54:21 | 002,361,399 | -H-- | M] () -- C:\Users\Michael\Desktop\Sys-Ex-ModelEditor.rar [2011.04.13 16:09:57 | 000,000,754 | -H-- | M] () -- C:\Users\Michael\Desktop\ArtCursors.lnk [2011.04.13 04:46:56 | 000,001,606 | -H-- | M] () -- C:\Users\Michael\.recently-used.xbel [2011.04.13 04:41:57 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.04.13 04:39:47 | 020,240,744 | -H-- | M] (The GIMP Team ) -- C:\Users\Michael\Desktop\gimp-2.6.11-i686-setup.exe [2011.04.12 00:11:11 | 005,481,168 | -H-- | M] () -- C:\Users\Michael\Desktop\enginehyper.WAV [2011.04.11 14:33:39 | 000,383,014 | -H-- | M] () -- C:\Users\Michael\Desktop\explosion0008.zip [2011.04.08 21:12:05 | 000,001,447 | -H-- | M] () -- C:\Users\Michael\Desktop\Presentation - Verknüpfung.lnk [2011.04.07 14:30:17 | 000,166,471 | -H-- | M] () -- C:\Users\Michael\Desktop\a_Winsock_172822432004.zip [2011.04.07 14:01:28 | 000,024,286 | -H-- | M] () -- C:\Users\Michael\Desktop\netzwerk.zip [2011.04.06 13:46:04 | 000,000,005 | ---- | M] () -- C:\tempmod.bin [2011.04.01 16:03:42 | 000,006,506 | -H-- | M] () -- C:\Users\Michael\Desktop\From1.rtf [2011.03.30 13:49:01 | 002,063,872 | -H-- | M] () -- C:\Users\Michael\Desktop\NWO-Playerpreview.exe [2011.03.30 11:52:34 | 000,266,085 | -H-- | M] () -- C:\Users\Michael\Desktop\Bachelor's+Thesis.zip [2011.03.22 18:55:11 | 003,964,928 | -H-- | M] () -- C:\Users\Michael\Desktop\kap3-1.pps [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.21 07:23:31 | 2135,384,064 | -HS- | C] () -- C:\hiberfil.sys [2011.04.14 18:56:08 | 000,173,057 | -H-- | C] () -- C:\Users\Michael\Desktop\VBSamples2005.zip [2011.04.13 16:09:57 | 000,000,754 | -H-- | C] () -- C:\Users\Michael\Desktop\ArtCursors.lnk [2011.04.13 04:46:56 | 000,001,606 | -H-- | C] () -- C:\Users\Michael\.recently-used.xbel [2011.04.13 04:41:57 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.04.12 00:11:04 | 005,481,168 | -H-- | C] () -- C:\Users\Michael\Desktop\enginehyper.WAV [2011.04.11 14:33:36 | 000,383,014 | -H-- | C] () -- C:\Users\Michael\Desktop\explosion0008.zip [2011.04.08 21:12:05 | 000,001,447 | -H-- | C] () -- C:\Users\Michael\Desktop\Presentation - Verknüpfung.lnk [2011.04.07 14:30:15 | 000,166,471 | -H-- | C] () -- C:\Users\Michael\Desktop\a_Winsock_172822432004.zip [2011.04.07 14:01:23 | 000,024,286 | -H-- | C] () -- C:\Users\Michael\Desktop\netzwerk.zip [2011.04.06 17:27:37 | 002,361,399 | -H-- | C] () -- C:\Users\Michael\Desktop\Sys-Ex-ModelEditor.rar [2011.04.06 14:26:14 | 000,000,005 | ---- | C] () -- C:\tempmod.bin [2011.04.01 16:03:42 | 000,006,506 | -H-- | C] () -- C:\Users\Michael\Desktop\From1.rtf [2011.03.30 13:51:23 | 002,063,872 | -H-- | C] () -- C:\Users\Michael\Desktop\NWO-Playerpreview.exe [2011.03.30 11:52:29 | 000,266,085 | -H-- | C] () -- C:\Users\Michael\Desktop\Bachelor's+Thesis.zip [2011.03.22 18:55:10 | 003,964,928 | -H-- | C] () -- C:\Users\Michael\Desktop\kap3-1.pps [2011.03.20 03:11:28 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.03.20 03:11:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011.03.17 15:18:11 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.10.29 00:11:46 | 000,000,344 | ---- | C] () -- C:\Windows\GCSPRO30.INI [2010.10.29 00:11:41 | 000,212,992 | ---- | C] () -- C:\Windows\ALCHUNIN.EXE [2010.08.03 00:33:18 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010.07.31 21:33:03 | 000,030,593 | ---- | C] () -- C:\Windows\scunin.dat [2010.06.10 15:19:16 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2010.06.10 15:19:16 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2010.06.10 15:19:16 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2010.06.10 15:19:16 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2010.06.10 15:19:16 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2010.06.10 15:19:16 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2010.06.10 15:19:16 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2010.06.10 15:19:15 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2010.06.10 15:19:15 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2010.06.10 15:19:15 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2010.06.10 15:19:15 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2010.06.10 15:19:15 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2010.06.10 15:19:15 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2010.06.10 15:19:15 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2010.06.10 15:19:15 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2010.06.10 15:19:15 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2010.06.10 15:19:15 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2010.06.10 15:19:15 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2010.06.10 15:19:15 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009.12.10 00:13:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.06.24 18:03:32 | 000,000,112 | -H-- | C] () -- C:\Users\Michael\AppData\Roaming\wklnhst.dat [2009.01.13 11:29:00 | 000,197,408 | ---- | C] () -- C:\Windows\System32\vpnapi.dll [2008.11.16 01:55:05 | 000,087,608 | -H-- | C] () -- C:\Users\Michael\AppData\Roaming\inst.exe [2008.11.16 01:55:05 | 000,007,887 | -H-- | C] () -- C:\Users\Michael\AppData\Roaming\pcouffin.cat [2008.11.16 01:55:05 | 000,001,144 | -H-- | C] () -- C:\Users\Michael\AppData\Roaming\pcouffin.inf [2008.11.05 19:42:45 | 000,062,400 | ---- | C] () -- C:\Windows\System32\IFC.dll [2008.11.05 19:41:56 | 000,422,848 | ---- | C] () -- C:\Windows\System32\PPL.dll [2008.09.24 17:34:31 | 000,000,089 | ---- | C] () -- C:\Windows\ULead32.ini [2008.07.23 18:50:52 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008.05.06 15:48:09 | 000,000,680 | -H-- | C] () -- C:\Users\Michael\AppData\Local\d3d9caps.dat [2008.05.04 17:43:14 | 000,000,000 | -H-- | C] () -- C:\Users\Michael\AppData\Roaming\Default.PLS [2008.04.10 21:56:53 | 000,217,088 | ---- | C] () -- C:\Windows\System32\libmySQL.dll [2008.04.10 21:56:53 | 000,102,400 | ---- | C] () -- C:\Windows\System32\TrackerNET.dll [2008.04.09 22:30:22 | 000,000,080 | ---- | C] () -- C:\Windows\sierra.ini [2008.03.12 19:13:35 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2008.03.12 19:13:35 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2008.03.12 19:13:35 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2008.03.12 17:06:49 | 000,185,344 | ---- | C] () -- C:\Windows\patchw32.dll [2008.03.04 21:32:47 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll [2008.03.04 21:32:47 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll [2008.01.27 14:37:25 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll [2008.01.27 14:35:03 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2008.01.02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll [2008.01.02 17:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll [2008.01.02 17:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll [2008.01.02 17:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll [2007.10.31 15:49:57 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2007.10.31 15:16:15 | 000,087,552 | -H-- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.10.31 14:48:08 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini [2007.10.31 12:56:01 | 000,000,095 | -H-- | C] () -- C:\Users\Michael\AppData\Local\fusioncache.dat [2007.09.19 07:56:18 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.09.18 20:01:37 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll [2007.09.18 20:01:37 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll [2007.09.18 18:49:17 | 000,000,199 | ---- | C] () -- C:\Windows\WISO.INI [2007.09.18 15:41:03 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys [2007.09.18 09:38:30 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2007.09.18 09:33:27 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini [2007.09.18 09:16:24 | 000,000,216 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat [2007.09.12 09:36:27 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.09.12 09:35:40 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2007.09.12 09:35:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll [2007.09.12 09:35:31 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll [2006.12.11 06:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006.11.02 17:33:31 | 000,739,234 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,173,254 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,539,240 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,687,984 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,140,906 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.09.20 07:34:10 | 000,000,000 | ---- | C] () -- C:\Windows\Buhl.ini [2004.06.01 10:31:54 | 000,049,152 | ---- | C] () -- C:\Windows\System32\flgetmac.dll [2004.02.22 23:41:38 | 000,122,880 | ---- | C] () -- C:\Windows\System32\FLAdmin.dll [2004.02.21 23:22:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\flhash.dll [2003.07.23 23:17:08 | 000,049,152 | ---- | C] () -- C:\Windows\System32\FLCodec.dll [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2010.10.26 20:49:32 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\Autodesk [2008.03.12 23:46:15 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\DAEMON Tools [2010.08.18 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.10 15:28:25 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\EPSON [2011.04.13 15:59:47 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\gtk-2.0 [2011.04.21 01:08:01 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\ICQ [2007.10.31 17:42:49 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\ICQ Toolbar [2008.03.30 17:00:09 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX [2008.04.25 13:03:14 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\Sonavis [2011.02.23 18:03:16 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\Template [2008.04.25 13:35:29 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\TVcentral-Core [2008.03.12 17:06:50 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\ubi.com [2008.11.26 15:35:20 | 000,000,000 | -H-D | M] -- C:\Users\Michael\AppData\Roaming\Vso [2011.04.21 07:47:54 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Extras.txt: Code:
ATTFilter OTL Extras logfile created on: 21.04.2011 07:58:48 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Michael\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,59 Gb Total Space | 14,64 Gb Free Space | 11,94% Space Free | Partition Type: NTFS
Drive D: | 26,45 Gb Total Space | 17,16 Gb Free Space | 64,89% Space Free | Partition Type: FAT32
Computer Name: MICHI2485 | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04F2048C-320E-4CF0-BDD0-BEF14AC2793F}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{20299E0A-B7AC-4221-AEE6-E508A8F4B597}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{2798A8F8-5463-4E28-A605-B863384ED2FE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{37CBCDAD-C9A6-4738-B2B1-A6C196616FDA}" = lport=49203 | protocol=6 | dir=in | name=akamai netsession interface |
"{3CB5D544-B029-4C17-B375-8F3FA917E1C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3DFB81D9-AF44-4857-8313-88973DAF6211}" = rport=2869 | protocol=6 | dir=out | app=system |
"{3E1CD0A2-C407-4CE7-8D3E-4CF740D1646E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{40387C4B-6E6D-453A-93A3-4E870E56CE9F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5712B6A3-3D24-4890-A751-6C330E9268F5}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{71A95DBB-D15C-490B-AFFD-43CC6D65928B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{95C24FF0-D26F-48B3-AF4C-DC83C7277EB3}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B644A2D1-5C16-4DBA-BDDC-22E2493798E2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D65A2ED3-406D-4E46-A637-B94732D53748}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B5B9F19-3706-4DD8-98CD-258A2932CBC1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1B35A143-4EC1-408C-9E41-2502A7F85732}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{288D1CA6-532B-4979-AD4A-05A820165305}" = protocol=6 | dir=in | app=c:\program files\cisco systems\vpn client\ipsecdialer.exe |
"{2AD4E2A9-5ABE-405C-993D-D918A043D2D4}" = protocol=17 | dir=in | app=c:\program files\cisco systems\vpn client\vpngui.exe |
"{2E9D9C0B-0137-483D-B92A-CD530592F3E6}" = dir=in | app=c:\program files\home cinema\powerdvd\powerdvd.exe |
"{3BA65083-3F97-464C-9EF6-4EA2B59F3CCD}" = dir=in | app=c:\program files\home cinema\makedisc\makedisc.exe |
"{3BC434D7-0C01-45FF-8E5B-BB311F9AD251}" = protocol=6 | dir=in | app=c:\program files\ftp-uploader\ftpuploader.exe |
"{3C0DD909-0CC7-483A-B24F-EFA8B5952E0C}" = protocol=17 | dir=in | app=c:\program files\ftp-uploader\ftpuploader.exe |
"{477055E3-F3B0-46F5-B596-F625A56B5723}" = protocol=6 | dir=in | app=c:\program files\cisco systems\vpn client\vpngui.exe |
"{4B90F782-125D-4CE3-B4DD-BA29BFBF9D02}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5242F66A-32D3-40BD-BA15-A09FD5BA67F2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{586DE55F-CA49-402C-A112-34C3465B779A}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{66B0B53D-EFEA-43D3-ABAA-330A368BCFFC}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{A09338A2-CC74-4A5A-9F57-928168995000}" = dir=in | app=c:\program files\cyberlink\powerdv\powerdv.exe |
"{A5E3BE72-9E4F-4774-856F-EBBB6CD72E3E}" = protocol=17 | dir=in | app=c:\program files\cisco systems\vpn client\ipsecdialer.exe |
"{C939A545-6099-40EC-9986-46C5A22F2075}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{CBFBD3DB-211F-4F37-844D-5F98936C6D9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF61E390-93AF-4FE8-943A-9E020A654D39}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{EF52B608-87C8-4D9B-94D8-17200A54F0DC}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{F3289106-9270-44C2-A8C5-5B3A4BDB0EFF}" = dir=in | app=c:\program files\home cinema\powerdirector\pdr.exe |
"{F736CADE-D8C1-4572-BE47-619F692260B9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{0FEFBBEC-7ADC-4CC3-ADCC-BD6B36F6591A}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{191D3174-8736-4961-BCED-1B7275D19582}C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe" = protocol=6 | dir=in | app=c:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe |
"TCP Query User{1998694F-72BF-41F0-AF09-42DB0FE29B7F}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{19BBAFC7-C728-4528-94CE-6A7BA22CF935}C:\program files\stonesoft\stonegate vpn client\sgagent.exe" = protocol=6 | dir=in | app=c:\program files\stonesoft\stonegate vpn client\sgagent.exe |
"TCP Query User{242E9436-CE66-4254-867B-D0841CFA7709}C:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.exe |
"TCP Query User{25FE9CD4-36AB-4F5F-B1C3-876B51B95643}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{27100CEB-C082-4E06-8F5A-D0D0FE025CAA}C:\games\freelancer\exe\freelancer.exe" = protocol=6 | dir=in | app=c:\games\freelancer\exe\freelancer.exe |
"TCP Query User{2A81457F-9BC4-4316-9CB6-7742A7537BA1}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe |
"TCP Query User{396E0F25-A509-4B19-A125-6FACE07F06E4}C:\users\michael\documents\visual studio 2005\projects\michis-server\michis-server\bin\debug\michis-server.vshost.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\michis-server\michis-server\bin\debug\michis-server.vshost.exe |
"TCP Query User{43DDE795-64C7-4731-B273-F9D205EC3FC0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{4B3248F6-787E-4202-8D56-22CB013136D7}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe |
"TCP Query User{4CFE1DAA-8DC4-48E5-8914-6CF1894C9E70}C:\program files\stonesoft\stonegate vpn client\sgagent.exe" = protocol=6 | dir=in | app=c:\program files\stonesoft\stonegate vpn client\sgagent.exe |
"TCP Query User{4DB2CE40-1C60-4C0A-99F0-C84591C29EF3}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{4E23DFD0-7FBB-47AA-BFB6-B9DD167E8847}C:\program files\ubisoft\eagle dynamics\lock on\lockon.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\eagle dynamics\lock on\lockon.exe |
"TCP Query User{50EE1EDE-27FB-4340-80EC-8EF7B4A33CA2}C:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.vshost.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.vshost.exe |
"TCP Query User{5B7BC0B5-CC50-4BA3-B932-7AE93A55FA17}C:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk\sysex-chat.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk\sysex-chat.exe |
"TCP Query User{60C60915-86DF-47F8-820F-5530070FD604}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{60EE078C-E2C4-4248-A7A7-EAA6E2E0A424}C:\program files\icq7.4\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"TCP Query User{6756DF86-6128-43EE-AA32-81D1996968F9}C:\users\michael\documents\visual studio 2005\projects\sys-ex\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe |
"TCP Query User{67DA0B73-FC95-47B3-BB7D-2C989A9812DF}C:\games\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\games\thq\dawn of war\w40k.exe |
"TCP Query User{69ED395F-CB72-46A4-BE41-C45C369F3C5B}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{79F48B8E-D736-4D19-BC96-6DDE16616C1C}C:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk.exe |
"TCP Query User{7FA2D6D4-C038-4406-8F25-AAD89281B87D}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe |
"TCP Query User{84D63A63-CA0B-4BD1-A317-20C7EC2812DF}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{8BC0F1E1-AC5C-4378-9358-E7C24EDF3B52}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{8CECCC9E-2292-4711-96E9-0FD9E5B95677}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{8E2492F2-781D-4095-8420-8DF5FCB0F616}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{951F3F01-069E-4FDE-87EB-4419AAC892D3}C:\users\michael\documents\visual studio 2010\projects\projects\michis-server\michis-server\bin\debug\michis-server.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2010\projects\projects\michis-server\michis-server\bin\debug\michis-server.exe |
"TCP Query User{975C3758-C4B6-4B31-8F38-5E28ED0396B8}C:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.vshost.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.vshost.exe |
"TCP Query User{9782CF41-B609-44FA-9558-1E6AFAD72729}C:\games\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\games\thq\dawn of war\w40k.exe |
"TCP Query User{9CBF513E-4032-4CB1-B762-1599D2E36185}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{9D425146-197E-4588-A22E-322C314802F4}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{A10237FC-5A20-4126-8613-A36B94A01D30}C:\users\michael\documents\visual studio 2010\projects\projects\sys-ex\te-server\te-server\bin\debug\te-server.vshost.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2010\projects\projects\sys-ex\te-server\te-server\bin\debug\te-server.vshost.exe |
"TCP Query User{A44ADA69-E8A8-48D9-A9B8-AFF94CED0A2B}C:\games\freelancer\exe\flserver.exe" = protocol=6 | dir=in | app=c:\games\freelancer\exe\flserver.exe |
"TCP Query User{A503FE3F-47A1-45AB-B8F1-15882452AE4F}C:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe" = protocol=6 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe |
"TCP Query User{A7E386E2-C772-4125-A010-2B65031E889E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{B2C4A5B0-ED59-4AC8-A4CE-200EC50FB9DD}C:\program files\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\program files\diablo ii\game.exe |
"TCP Query User{BA3EDC84-56AA-4CAD-839C-394C824E370F}C:\sierra\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\sierra\counter-strike\cstrike.exe |
"TCP Query User{BBBBE8F3-3C0E-4602-B309-78CD0F816886}C:\program files\rockstar games\gta2\gta2.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\gta2\gta2.exe |
"TCP Query User{C0FADC7D-FF27-403D-92DA-72B1AB0EAF5C}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{CA0C77A5-1524-49C6-B286-B6C835AB6779}C:\games\freelancer\exe\freelancer.exe" = protocol=6 | dir=in | app=c:\games\freelancer\exe\freelancer.exe |
"TCP Query User{D924364A-96C6-4D57-8814-A36C3EF2A259}C:\sierra\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\sierra\counter-strike\cstrike.exe |
"TCP Query User{F27F93AE-4985-404D-A4D4-79D6F0EF2E20}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=6 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe |
"TCP Query User{FBE09A50-38F6-45BB-8431-144F2A82AFBC}C:\games\freelancer\exe\flserver.exe" = protocol=6 | dir=in | app=c:\games\freelancer\exe\flserver.exe |
"UDP Query User{02E80D28-F752-455A-83BA-79C0E7BFAC39}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{05151878-D135-4D29-808A-4E5CD8B38460}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{0BD0C6A7-DCCA-401E-8E9E-B060D0C1F538}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{0BEF5091-1650-49A0-8809-889F42AC13AA}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{0C94996F-0DDA-495C-9207-82112DF074B3}C:\program files\rockstar games\gta2\gta2.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\gta2\gta2.exe |
"UDP Query User{0FA107F9-6E4B-41F5-8A6F-FDD0BE20E6AA}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{185E2AEE-F0EE-4C9D-835E-4F910B57906B}C:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.exe |
"UDP Query User{190D422A-C596-45C9-9ACA-618BE1AFADC5}C:\games\freelancer\exe\freelancer.exe" = protocol=17 | dir=in | app=c:\games\freelancer\exe\freelancer.exe |
"UDP Query User{2CDA525E-41A7-4157-9744-05D50F98B8B1}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{2E637C83-B128-45C5-8DF7-D675DF4DEC0B}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"UDP Query User{2E87BFCA-1AC5-411D-9E90-9CF39F177E37}C:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.vshost.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.vshost.exe |
"UDP Query User{3307143B-6080-4774-ABCC-BA1265384534}C:\program files\stonesoft\stonegate vpn client\sgagent.exe" = protocol=17 | dir=in | app=c:\program files\stonesoft\stonegate vpn client\sgagent.exe |
"UDP Query User{34A5D0D6-18B2-4BCF-9457-7604B0626D8D}C:\games\freelancer\exe\flserver.exe" = protocol=17 | dir=in | app=c:\games\freelancer\exe\flserver.exe |
"UDP Query User{352FD9EB-A7E7-4945-B188-006EF00C1A53}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe |
"UDP Query User{399C18B4-C705-41D4-99B4-91BB6A9645E3}C:\users\michael\documents\visual studio 2010\projects\projects\michis-server\michis-server\bin\debug\michis-server.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2010\projects\projects\michis-server\michis-server\bin\debug\michis-server.exe |
"UDP Query User{408F7CF0-E3DD-4460-974A-8C1FA6A6E5D5}C:\program files\icq7.4\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"UDP Query User{4D970D83-74C1-44D8-9C0B-2E2F2121A0A4}C:\sierra\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\sierra\counter-strike\cstrike.exe |
"UDP Query User{4E91F61B-C2EE-43A4-82F9-3A1F54926A35}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{53FA6D1B-705F-4EBC-B995-FC600ABB03C2}C:\users\michael\documents\visual studio 2005\projects\sys-ex\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe |
"UDP Query User{5805627A-5E9D-4E4B-A1ED-AA8B19FF1207}C:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe" = protocol=17 | dir=in | app=c:\program files\ubi soft\il-2 sturmovik forgotten battles\il2fb.exe |
"UDP Query User{593B92A1-7A95-486D-B328-7D3994CACA46}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"UDP Query User{5DBF935C-23B5-4826-8CA4-AAECE0194D72}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{63C284DD-0718-4927-B732-533B3556F674}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe |
"UDP Query User{6AD7E19F-2750-4DC0-8A95-F10C0D0FD5E2}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{6ED28BD9-143B-4D24-BFDB-733380B6E765}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{724402E6-E9AE-4DED-8838-71139258B78E}C:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk\sysex-chat.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk\sysex-chat.exe |
"UDP Query User{7682F8F5-E602-4CF4-A846-36C7484937E4}C:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sysex-chat\sysex-chat\bin\debug\sysex-chat.exe |
"UDP Query User{78E8ACFE-9D92-49A6-8957-B07CC96EA4BC}C:\sierra\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\sierra\counter-strike\cstrike.exe |
"UDP Query User{7A62D396-8265-4EEE-B09D-D52CEF34BB9B}C:\users\michael\documents\visual studio 2010\projects\projects\sys-ex\te-server\te-server\bin\debug\te-server.vshost.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2010\projects\projects\sys-ex\te-server\te-server\bin\debug\te-server.vshost.exe |
"UDP Query User{80940D0D-F621-4B0F-93A0-06DA1325CB6E}C:\program files\stonesoft\stonegate vpn client\sgagent.exe" = protocol=17 | dir=in | app=c:\program files\stonesoft\stonegate vpn client\sgagent.exe |
"UDP Query User{9676C65C-3BC0-414F-8F9B-B6B142B15EC2}C:\games\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\games\thq\dawn of war\w40k.exe |
"UDP Query User{989BE869-805A-473C-9712-7935040FB293}C:\program files\ascaron entertainment\sacred underworld\gameserver.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\gameserver.exe |
"UDP Query User{A3829E13-80D6-4A03-B0DA-6FD868DD750B}C:\games\freelancer\exe\flserver.exe" = protocol=17 | dir=in | app=c:\games\freelancer\exe\flserver.exe |
"UDP Query User{A4D55F5E-1CF1-40CD-945E-50546336EEB3}C:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.vshost.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\sys-ex\tcpsever\bin\tcpsever.vshost.exe |
"UDP Query User{BA81A141-C947-4EF8-B61B-6BD3A00E5877}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{BF26DDFA-8F9A-4D60-B635-7AC36B4D6028}C:\program files\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\program files\diablo ii\game.exe |
"UDP Query User{C4DBAA32-B65C-476F-B859-AA44928547C9}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{D3A9E83C-D93B-4F5A-960B-48D65262C442}C:\program files\ubisoft\eagle dynamics\lock on\lockon.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\eagle dynamics\lock on\lockon.exe |
"UDP Query User{D77D7942-D952-4130-9929-8BFE628BEF8A}C:\games\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\games\thq\dawn of war\w40k.exe |
"UDP Query User{DBDEB2C4-964F-4156-96B4-8FAC47D0D8D3}C:\program files\ascaron entertainment\sacred underworld\sacred.exe" = protocol=17 | dir=in | app=c:\program files\ascaron entertainment\sacred underworld\sacred.exe |
"UDP Query User{E6798EF2-CAE0-417E-990C-D5A0F13FFDA3}C:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\presentation\presentation\bin\debug\netzwerk.exe |
"UDP Query User{E6F83E37-2076-41A5-B285-4A0CEB5E9732}C:\games\freelancer\exe\freelancer.exe" = protocol=17 | dir=in | app=c:\games\freelancer\exe\freelancer.exe |
"UDP Query User{F744ADE7-2C94-4277-BBB3-F4E43D522C57}C:\users\michael\documents\visual studio 2005\projects\michis-server\michis-server\bin\debug\michis-server.vshost.exe" = protocol=17 | dir=in | app=c:\users\michael\documents\visual studio 2005\projects\michis-server\michis-server\bin\debug\michis-server.vshost.exe |
"UDP Query User{FC38FB5B-894B-4AD6-8F18-8831B06F6CDC}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1D328E11-3B0C-388C-835D-C9C20E8C7734}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{5783F2D7-8004-0407-0002-0060B0CE6BBA}" = AutoCAD Architecture 2010 - Deutsch
"{5783F2D7-8004-0407-1002-0060B0CE6BBA}" = AutoCAD Architecture 2010 Language Pack - Deutsch
"{5B52E1FF-BD66-4582-97BA-55C575C19504}" = Microsoft MSDN 2005 Express Edition - DEU
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63B75E16-F290-4FCD-AF67-A9134CD01031}" = Nero 7 Essentials
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}" = QuickTime
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{87079BC7-1A1E-4520-B5C3-9AF582FA26FD}" = AuthenTec Fingerprint Sensor Minimum Install
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DDD8A6E-C353-4489-9935-63B8F0E4C6C4}" = SheepDog 1.0
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRJPROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRJPROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRJPROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}_PRJPROR_{16809599-3C53-4A9A-A7E2-74A6D0D2C007}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-003B-0000-0000-0000000FF1CE}_PRJPROR_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B804C424-B66D-447A-84BD-C6B88C392C3A}" = PowerDV
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{C2C7AB30-146B-11D5-973C-00105A698689}" = StoneGate VPN Client 2.6.2.823
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.8
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0312AC6-988B-11DA-9C49-000476F770CC}" = CIB pdf brewer 2.5.29
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}" = Cisco Systems VPN Client 5.0.05.0290
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface
"ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued 3.4.0.466 (D)
"ALDI Fotobuch Druck Service_is1" = ALDI Fotobuch Druck Service
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service 1.10.1.67 (D)
"ArtCursors" = ArtCursors
"AutoCAD Architecture 2010 - Deutsch" = AutoCAD Architecture 2010 - Deutsch
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlablaMaker" = Blabla Maker
"Bridge Builder" = Bridge Builder
"DivX Setup.divx.com" = DivX-Setup
"EPASS-HELENA®_Ultra_5.2_is1" = EPASS-HELENA® 5.2 Ultra
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"ftp-uploader" = ftp-uploader
"GIF Construction Set Professional 3" = GIF Construction Set Professional 3
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Half-Life: Counter-Strike" = Half-Life: Counter-Strike
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"IONCROSS Freelancer Character Editor" = IONCROSS Freelancer Character Editor
"IONCROSS Freelancer Server Operator" = IONCROSS Freelancer Server Operator
"IQ 100" = IQ 100
"LameACM" = Lame ACM MP3 Codec
"LetsTrade" = LetsTrade Komponenten
"LHTTSENG" = L&H TTS3000 British English
"LHTTSGED" = L&H TTS3000 Deutsch
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Music Maker Basic Edition D" = MAGIX Music Maker Basic Edition 12.1.0.3 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.19.0 (D)
"McAfee Security Scan" = McAfee Security Scan Plus
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued 6.0.2.0 (D)
"Mediscript-CD GK1" = Mediscript-CD GK1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft MSDN 2005 Express Edition - DEU" = Microsoft MSDN 2005 Express Edition - DEU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"OpenAL" = OpenAL
"PDFAnnotator_is1" = PDF Annotator 1.5.0.133
"POD-Bot 2.5" = POD-Bot 2.5
"PokerStars" = PokerStars
"PRJPROR" = Microsoft Office Project Professional 2007
"Starcraft" = Starcraft
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Ulead GIF Animator Lite Edition 1.0" = Ulead GIF Animator Lite Edition 1.0
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.04.2011 15:43:37 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 19.04.2011 20:16:04 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 20.04.2011 08:59:26 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 20.04.2011 19:03:17 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 20.04.2011 22:22:22 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 20.04.2011 22:38:39 | Computer Name = Michi2485 | Source = EventSystem | ID = 4609
Description =
Error - 20.04.2011 23:12:28 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 21.04.2011 01:23:37 | Computer Name = MICHI2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
Error - 21.04.2011 01:32:45 | Computer Name = Michi2485 | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.22.3 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: c5c Anfangszeit: 01cbffe518d1df68 Zeitpunkt der Beendigung:
7
Error - 21.04.2011 01:49:15 | Computer Name = Michi2485 | Source = StoneGate Policy Manager | ID = 1000
Description =
[ System Events ]
Error - 21.04.2011 01:49:16 | Computer Name = Michi2485 | Source = HTTP | ID = 15016
Description =
Error - 21.04.2011 01:50:28 | Computer Name = Michi2485 | Source = ipnathlp | ID = 31004
Description = 0 Bytes Speicher konnten durch den DNS-Proxy-Agenten nicht zugeordnet
werden. Möglicherweise ist nicht genügend Speicher vorhanden oder ein interner
Fehler ist im Speicher-Manager aufgetreten.
Error - 21.04.2011 01:51:32 | Computer Name = Michi2485 | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
Error - 21.04.2011 01:51:32 | Computer Name = Michi2485 | Source = Service Control Manager | ID = 7000
Description =
Error - 21.04.2011 01:51:32 | Computer Name = Michi2485 | Source = Service Control Manager | ID = 7000
Description =
Error - 21.04.2011 01:51:32 | Computer Name = Michi2485 | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.178.23 deaktiviert,
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error - 21.04.2011 01:52:47 | Computer Name = Michi2485 | Source = netbt | ID = 4321
Description = Der Name "1 :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.23 registriert werden. Der Computer mit IP-Adresse 192.168.178.41
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 21.04.2011 01:55:31 | Computer Name = Michi2485 | Source = Service Control Manager | ID = 7022
Description =
Error - 21.04.2011 01:56:53 | Computer Name = Michi2485 | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.178.23 deaktiviert,
da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
Error - 21.04.2011 01:57:10 | Computer Name = Michi2485 | Source = netbt | ID = 4321
Description = Der Name "1 :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.23 registriert werden. Der Computer mit IP-Adresse 192.168.178.41
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
< End of report >
Vielen Dank schon mal im Vorraus! Gruß Michael |
|
21.04.2011, 10:02
| #2 |
| /// Malware-holic   | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen du solltest dich auch ärgern, das du kaum windows updates machst, dann wäre das nämlich zu verhindern gewesen evtl.
__________________• Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. :OTL PRC - C:\ProgramData\UEBeSifOsb.exe (WinTrust) O4 - HKCU..\Run: [UEBeSifOsb] C:\ProgramData\UEBeSifOsb.exe (WinTrust) :Files C:\ProgramData\UEBeSifOsb.exe C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] • Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. öffne computer, öffne C: dann _OTL dort rechtsklick auf moved files wähle zu moved files.rar oder zip hinzufügen. das archiv nach anleitung hochladen: http://www.trojaner-board.de/54791-a...ner-board.html
__________________ |
|
21.04.2011, 16:47
| #3 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Hallo,
__________________habe das nun so ausgeführt, allerdings hat sich OTL bei dem Punkt emptytemp aufgehängt. an diesem punkt hat er 45 minuten gehangen. hab dann neu gestartet und jetzt kommt keine virenwarnung mehr. auch die dateien sind jetzt halbdurchsichtig, aber wieder da. die logdatei kann ich nirgends finden, wahrscheinlich, weil sie aufgrund des fehlers nicht erstellt wurde. soll ich den letzten schritt mit dem "fix" nochmal ausführen? jedenfalls werd ich jetzt mal den gepackten "moved files" ordner hochladen, wobei ich aber keine ahnung hab, ob und was da drin is, da lass ich lieber die finger davon  Vielen Dank schonmal! |
|
21.04.2011, 17:12
| #4 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen nein passt 1. unhide: Malwarebytes instalieren, öffnen, registerkarte aktualisierung, programm updaten. schalte alle laufenden programme ab, trenne die internetverbindung. registerkarte scanner, komplett scan, funde entfernen, log posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
22.04.2011, 00:32
| #5 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Hallo, Ich habe jetzt Malwarebytes laufen lassen und alle gefundenen Objekte gelöscht. Dabei waren auch von mir selbst geschriebene Programme dabei, und zwar genau diese, die in der Lage sind Dateien zu erstellen bzw auf welche zuzugreifen, aber nicht im schädlichen Sinn. Ich hab die auch gelöscht, da ich ja den Quellcode noch habe und sie jederzeit wieder erstellen kann. Kann es sein, dass diese fälschlicherweise identifiziert wurden, oder besteht die Möglichkeit, dass sie im nachhinein infiziert worden sind? Hier jedenfall der Inhalt der Logdatei... Meine Programme sind die, die im Visual Studio -Verzeichnis sind und der Model-Editor auf dem Desktop. Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6415
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
22.04.2011 01:23:21
mbam-log-2011-04-22 (01-23-21).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 443848
Laufzeit: 1 Stunde(n), 43 Minute(n), 39 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 6
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 7
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Michael\Desktop\sys-ex-modeleditor\model-editor-2.2.exe (Trojan.MSIL.ND2) -> Quarantined and deleted successfully.
c:\Users\Michael\documents\visual studio 2005\Projects\SYS-EX\sys-ex-modeleditor2\bin\Texturen.exe (Trojan.MSIL.ND2) -> Quarantined and deleted successfully.
c:\Users\Michael\documents\visual studio 2005\Projects\SYS-EX\sys-ex-modeleditor2\obj\Debug\Texturen.exe (Trojan.MSIL.ND2) -> Quarantined and deleted successfully.
c:\Users\Michael\documents\visual studio 2010\Projects\Projects\SYS-EX\sys-ex-modeleditor2\bin\Texturen.exe (Trojan.MSIL.ND2) -> Quarantined and deleted successfully.
c:\Users\Michael\documents\visual studio 2010\Projects\Projects\SYS-EX\sys-ex-modeleditor2\obj\Debug\Texturen.exe (Trojan.MSIL.ND2) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\04212011_155441\c_programdata\uebesifosb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Achja, Unhide hat problemlos funktioniert. |
|
22.04.2011, 09:51
| #6 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen du kannst über die Malwarebytes quarantäne deine dateien wiederherstellen. wir kümmern uns jetzt um updates und sicherheitseinstellungen, denn durch ein voll gepachtes system kann man vielen infektionen vorbäugen. servicepack2 für vista: Detail Seite Windows Server 2008 Service Pack 2 und Windows Vista Service Pack 2 - Five Language Standalone (KB948465) internet explorer 9: Internet Explorer - Microsoft Windows windows update: Microsoft Windows Update hier instalierst du so lange updates, bis es keine neuen mehr gibt. windows updates automatisch laden/instalieren: Aktivieren oder Deaktivieren von automatischen Updates damit dein system ab sofort immer aktuell bleibt.
__________________ --> Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen |
|
22.04.2011, 12:21
| #7 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Ok, das Service Pack kann eine Weile dauern. Updates waren schon immer auf automatisch und die hat er auch immer schön gemacht, aber kein Service Pack. Da werd ich mich drum kümmern. Brauch ich das mit dem Internet Explorer, wenn ich Firefox nutze, oder rätst du mir den Internet Explorer 9 zu nutzen? Und noch eine Frage hab ich.  Kannst Du mir eine gute Alternative zu Antivir sagen, denn als ich nach diesem Virus gegoogelt hab, is mir aufgefallen, dass jeder der das gleiche Problem hatte, Avira Antivir hatte, was vermuten lässt, dass das gerne mal was durchlassen könnte.Wenn das jetzt alles ist, was erledigt werden muss, dann komm ich ab jetzt alleine klar. Ich bin euch sowas von dankbar, klasse dass es so ein Forum gibt. Ich hab gesehen, dass man euch was spenden kann, und ein bisschen was werd ich euch zukommen lassen.  |
|
22.04.2011, 12:28
| #8 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen hi, n bischen ist noch zu tun. ich möchte erst mal das du dich um die updates kümmerst. der internet explorer 9 ist wichtig, da viele system und andere programme auf bestandteile des internet explorers zurück greifen. ich möchte mit dir nachher noch einiges durchgehen, um das system abzusichern, falls du interesse hast. wenn wir das heute nicht mehr schaffen, bin ich erst ab dienstag wieder da, n bissel urlaub muss sein :-) aber ich denke das meiste sollten wir packen wenn du gleich los legst.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
22.04.2011, 18:21
| #9 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Sorry, war heute nicht daheim. Dann meld ich mich einfach am Dienstag, und mach bis dahin die Updates usw. Ich kann meinen Computer ja wieder nutzen und vor allem endlich mal die wichtigen Sachen auf die Externe ziehen, nehm ich mal an? Auf jeden Fall mal ein schönes Osterwochenende und nochmals danke! |
|
22.04.2011, 18:31
| #10 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen ja, ist wie gesagt nur noch alles kosmetik, also updaten, pc absichern usw. schon wichtig, aber kann übers wochenende warten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
26.04.2011, 13:00
| #11 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen So, jetzt hätte ich wieder Zeit. Hab das SP2 und alle Updates installiert. Auf Automatisch sind sie auch gestellt, was sie vorher auch schon waren. |
|
26.04.2011, 17:57
| #12 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen lade den CCleaner slim: Piriform - Builds falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
26.04.2011, 18:55
| #13 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen ok, hier die programm-liste, war gar nicht so einfach zu klassifizieren Code:
ATTFilter Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 29.06.2010 10.1.53.64 notwendig
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 17.09.2010 10.1.82.76 notwendig
Adobe Reader 8.1.2 - Deutsch Adobe Systems Incorporated 28.06.2008 99,7MB 8.1.2 notwendig
Adobe Shockwave Player Adobe Systems, Inc. 30.10.2007 10.2.0.23 notwendig
Agere Systems HDA Modem Agere Systems 17.09.2007 unbekannt
Akamai NetSession Interface 25.10.2010 1.967MB unbekannt
Apple Software Update Apple Inc. 30.01.2008 2,15MB 2.0.2.92 unbekannt
ArtCursors 12.04.2011 4,05MB notwendig
AuthenTec Fingerprint Sensor Minimum Install AuthenTec 17.09.2007 2,34MB 7.9.0 notwendig
AutoCAD Architecture 2010 - Deutsch Autodesk 25.10.2010 1.274MB 6.0.56.0 notwendig
Autodesk Design Review 2009 Autodesk, Inc. 28.10.2008 110,9MB 9.0.96 notwendig
Avira AntiVir Personal - Free Antivirus Avira GmbH 13.10.2009 74,7MB notwendig
CCleaner Piriform 25.04.2011 3,60MB 3.05 notwendig
CIB pdf brewer 2.5.29 CIB software GmbH 28.12.2009 12,0MB 2.5.29 notwendig
Cisco Systems VPN Client 5.0.05.0290 Cisco Systems, Inc. 29.04.2009 12,3MB 5.0.5 notwendig
Compatibility Pack für 2007 Office System Microsoft Corporation 14.04.2011 88,4MB 12.0.6425.1000 notwendig
Counter-Strike 1.6 12.02.2011 486MB 1.6 notwendig
DivX Converter DivX, Inc. 09.10.2010 30,4MB 6.6.1 notwendig
DivX-Setup DivX, Inc. 09.10.2010 2,30MB 2.1.2.2 notwendig
Dotfuscator Software Services - Community Edition PreEmptive Solutions 17.04.2011 6,45MB 5.0.2300.0 unbekannt
EPASS-HELENA® 5.2 Ultra 23.06.2010 59,6MB notwendig
EPSON Printer Software 09.06.2010 notwendig
EPSON Scan 09.06.2010 14,4MB notwendig
Feedback Tool Microsoft Corporation 22.04.2011 2,28MB 1.2.0 unbekannt
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) MAGIX AG 23.09.2007 6,26MB 2.0.0.1 unbekannt
Free Audio CD Burner version 1.4 DVDVideoSoft Limited. 17.08.2010 3,11MB unbekannt
Free YouTube to MP3 Converter version 3.8 DVDVideoSoft Limited. 17.08.2010 3,00MB notwendig
ftp-uploader Firma Gregor Schommer Systemberatung, Raderthaler Str. 31, D-50968 Köln 28.10.2010 3,80MB 3.3.0.0 notwendig
GIF Construction Set Professional 3 28.10.2010 20,0MB notwendig
GIMP 2.6.11 The GIMP Team 12.04.2011 111,1MB 2.6.11 notwendig
Google Chrome Google Inc. 13.01.2010 215MB 10.0.648.204 notwendig
Google Desktop Google 30.10.2007 7,92MB - unbekannt
Google Earth Google 27.09.2010 85,4MB 5.2.1.1588 notwendig
Google Toolbar for Internet Explorer Google Inc. 22.03.2011 12,0MB 6.6.1409.1944 notwendig
Hex-Editor MX NEXT-Soft 05.04.2011 0,64MB 6.0 notwendig
ICQ Toolbar ICQ 13.07.2009 0,77MB 3.0.0 unnötig
ICQ7.4 ICQ 16.03.2011 45,3MB 7.4 notwendig
Intel(R) Graphics Media Accelerator Driver 30.10.2007 notwendig
Intel(R) Matrix Storage Manager 30.10.2007 3,77MB unbekannt
IONCROSS Freelancer Character Editor 05.10.2010 0,60MB notwendig
IONCROSS Freelancer Server Operator 05.10.2010 1,18MB notwendig
IQ 100 24.06.2009 10,2MB notwendig
Java(TM) 6 Update 2 Sun Microsystems, Inc. 17.09.2007 160,7MB 1.6.0.20 unbekannt
L&H TTS3000 British English 14.09.2010 notwendig
L&H TTS3000 Deutsch 14.09.2010 notwendig
Lame ACM MP3 Codec 14.09.2010 notwendig
Launch Manager V1.4.8 Wistron Corp. 17.09.2007 0,98MB 1.4.8 unbekannt
Lernout & Hauspie TruVoice American English TTS Engine 14.09.2010 notwendig
LetsTrade Komponenten 30.10.2007 11,7MB unbekannt
LogMeIn Hamachi LogMeIn, Inc. 29.03.2011 2,93MB 2.0.3.111 notwendig
MAGIX Music Maker Basic Edition 12.1.0.3 (D) MAGIX AG 26.01.2008 215MB 12.1.0.3 notwendig
MAGIX Online Druck Service 2.3.2.0 (D) MAGIX AG 26.01.2008 9,46MB 2.3.2.0 notwendig
MAGIX Xtreme Foto Designer 6 6.0.19.0 (D) MAGIX AG 07.06.2008 25,1MB 6.0.19.0 notwendig
MakeDisc CyberLink Corporation 30.10.2007 98,9MB 3.0.1924c2 unbekannt
Malwarebytes' Anti-Malware Malwarebytes Corporation 20.04.2011 4,80MB notwendig
McAfee Security Scan Plus McAfee, Inc. 26.06.2010 2,33MB 2.0.181.2 unnötig
MediaShow CyberLink Corporation 30.10.2007 33,0MB 3.0.4226 unbekannt
MEDION Fotos auf CD Sued 6.0.2.0 (D) MAGIX AG 23.09.2007 634MB 6.0.2.0 unbekannt
MEDIONbox Medion 17.09.2007 27,0MB 1.09.0000.00050 unbekannt
Mediscript-CD GK1 26.05.2009 unbekannt
Mein Geld Professional Buhl Data Service GmbH 17.09.2007 137,3MB 8.00.0007 unbekannt
Microsoft .NET Framework 1.1 17.09.2007 notwendig
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 18.08.2009 37,0MB notwendig
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 15.08.2009 37,0MB notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.03.2011 182,9MB 4.0.30319 notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.03.2011 46,2MB 4.0.30319 notwendig
Microsoft .NET Framework 4 Extended Microsoft Corporation 18.03.2011 46,0MB 4.0.30319 notwendig
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 18.03.2011 11,7MB 4.0.30319 notwendig
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 18.03.2011 83,5MB 4.0.30319 notwendig
Microsoft Age of Empires II 11.03.2011 560MB notwendig
Microsoft Age of Empires II: The Conquerors Expansion 11.03.2011 560MB notwendig
Microsoft ASP.NET MVC 2 Microsoft Corporation 17.04.2011 0,47MB 2.0.50217.0 notwendig
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools Microsoft Corporation 17.04.2011 2,27MB 2.0.50217.0 notwendig
Microsoft Help Viewer 1.0 Microsoft Corporation 18.03.2011 6,09MB 1.0.30319 notwendig
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 18.03.2011 6,09MB 1.0.30319 notwendig
Microsoft MSDN 2005 Express Edition - DEU Microsoft Corporation 17.12.2008 621MB notwendig
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 14.04.2011 51,0MB 12.0.6425.1000 notwendig
Microsoft Office Project Professional 2007 Microsoft Corporation 31.10.2010 445MB 12.0.6425.1000 notwendig
Microsoft Office Small Business Edition 2003 Microsoft Corporation 14.04.2011 337MB 11.0.8173.0 notwendig
Microsoft Office XP Professional mit FrontPage Microsoft Corporation 23.04.2011 129,9MB 10.0.6626.0 notwendig
Microsoft Silverlight Microsoft Corporation 20.04.2011 177,3MB 4.0.60310.0 notwendig
Microsoft Silverlight 3 SDK Microsoft Corporation 17.04.2011 31,9MB 3.0.40818.0 notwendig
Microsoft SQL Server 2005 Microsoft Corporation 21.03.2011 66,5MB notwendig
Microsoft SQL Server 2008 R2 Data-Tier Application Framework Microsoft Corporation 17.04.2011 0,32MB 10.50.1447.4 notwendig
Microsoft SQL Server 2008 R2 Data-Tier Application Project Microsoft Corporation 17.04.2011 11,8MB 10.50.1447.4 notwendig
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 17.04.2011 15,2MB 10.50.1447.4 notwendig
Microsoft SQL Server 2008 R2 Transact-SQL Language Service Microsoft Corporation 17.04.2011 5,34MB 10.50.1447.4 notwendig
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 18.03.2011 3,69MB 3.5.8080.0 notwendig
Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft Corporation 17.04.2011 3,39MB 3.5.8080.0 notwendig
Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft Corporation 17.04.2011 10,2MB 10.1.2512.8 notwendig
Microsoft SQL Server Native Client Microsoft Corporation 21.03.2011 2,63MB 9.00.5000.00 notwendig
Microsoft SQL Server System CLR Types Microsoft Corporation 17.04.2011 2,53MB 10.50.1447.4 notwendig
Microsoft SQL Server VSS Writer Microsoft Corporation 21.03.2011 0,68MB 9.00.5000.00 notwendig
Microsoft Sync Framework Runtime v1.0 SP1 (x86) Microsoft Corporation 17.04.2011 0,80MB 1.0.3010.0 notwendig
Microsoft Sync Framework SDK v1.0 SP1 Microsoft Corporation 17.04.2011 29,6MB 1.0.3010.0 notwendig
Microsoft Sync Framework Services v1.0 SP1 (x86) Microsoft Corporation 17.04.2011 2,01MB 1.0.3010.0 notwendig
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) Microsoft Corporation 17.04.2011 0,53MB 2.0.3010.0 notwendig
Microsoft Team Foundation Server 2010 Object Model - ENU Microsoft Corporation 17.04.2011 273MB 10.0.30319 notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 18.01.2010 0,25MB 8.0.50727.4053 notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.09.2007 0,41MB 8.0.56336 notwendig
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 18.01.2010 0,19MB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 22.04.2011 0,58MB 9.0.30729.5570 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 13.10.2009 0,58MB 9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 17.04.2011 0,58MB 9.0.30729.4974 notwendig
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Corporation 17.04.2011 26,0MB 10.0.30319 notwendig
Microsoft Visual F# 2.0 Runtime Microsoft Corporation 17.04.2011 5,82MB 10.0.30319 notwendig
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 17.04.2011 33,5MB 10.0.30319 notwendig
Microsoft Visual Studio 2010 Professional - ENU Microsoft Corporation 17.04.2011 1.779MB 10.0.30319 notwendig
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Corporation 18.04.2011 6,07MB 10.0.30319 notwendig
Microsoft Visual Studio Macro Tools Microsoft Corporation 17.04.2011 24,2MB 9.0.30729 notwendig
Microsoft Works Microsoft Corporation 14.12.2010 378MB 9.7.0621 notwendig
Mozilla Firefox (3.6.16) Mozilla 25.03.2011 31,0MB 3.6.16 (de) notwendig
MSXML 4.0 SP2 (KB925672) Microsoft Corporation 17.09.2007 1,24MB 4.20.9839.0 notwendig
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 17.09.2007 1,24MB 4.20.9841.0 notwendig
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 17.09.2007 1,27MB 4.20.9848.0 notwendig
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 01.11.2007 1,27MB 4.20.9849.0 notwendig
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 11.11.2008 1,28MB 4.20.9870.0 notwendig
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 24.11.2009 1,34MB 4.20.9876.0 notwendig
Nero 7 Essentials Nero AG 17.09.2007 512MB 7.02.5182 notwendig
OpenAL 21.02.2011 0,75MB unbekannt
PDF Annotator 1.5.0.133 GRAHL software design 18.01.2008 8,65MB 1.5.0.133 notwendig
PhotoNow! 1.0 CyberLink Corporation 30.10.2007 1,57MB 3.0.4310 unbekannt
PokerStars PokerStars 08.12.2009 93,1MB notwendig
PowerDirector 30.10.2007 130,1MB notwendig
PowerDV CyberLink Corp. 30.10.2007 51,6MB 2.0 notwendig
PowerDVD CyberLink Corporation 30.10.2007 89,4MB 7.0.3118.0 notwendig
PowerProducer 30.10.2007 163,0MB notwendig
QuickTime Apple Inc. 30.01.2008 76,4MB 7.4.0.91 notwendig
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek 17.09.2007 0,66MB 1.00.0000 notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 17.09.2007 15,4MB 6.0.1.5477 notwendig
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 17.09.2007 2,84MB notwendig
Sceneo AbsolutTV 30.10.2007 4,80MB notwendig
SheepDog 1.0 Josh Sklare 18.10.2010 40,00KB 1.0.0.0 notwendig
Skype Toolbars Skype Technologies S.A. 22.04.2010 6,12MB 1.0.4051 unnötig
Skype™ 4.2 Skype Technologies S.A. 21.04.2010 31,7MB 4.2.158 notwendig
Starcraft 30.07.2010 173,9MB notwendig
StoneGate VPN Client 2.6.2.823 04.11.2007 1,00MB notwendig
Synaptics Pointing Device Driver Synaptics 17.09.2007 13,6MB 10.0.14.0 notwendig
TeamSpeak 2 RC2 Dominating Bytes Design 12.01.2008 2.0.32.60 notwendig
Text-To-Speech-Runtime Magix Development GmbH 26.01.2008 0,25MB 1.0.0.0 notwendig
TVsweeper Sonavis 17.09.2007 4,03MB 3.0.2 notwendig
ubi.com 11.03.2008 2,29MB notwendig
Ulead GIF Animator Lite Edition 1.0 23.09.2008 2,13MB notwendig
Ulead PhotoImpact 12 Ulead System 30.10.2007 389MB 12.0 notwendig
Uninstall 1.0.0.1 17.08.2010 16,3MB unbekannt
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Microsoft Corporation 21.03.2011 22,6MB 9.00.5000.00 notwendig
VideoLAN VLC media player 0.8.6d VideoLAN Team 12.02.2008 32,7MB 0.8.6d notwendig
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU Microsoft Corporation 17.04.2011 10,8MB 4.0.8080.0 notwendig
Web Deployment Tool Microsoft Corporation 17.04.2011 4,54MB 1.1.0618 notwendig
Winamp (remove only) 30.10.2007 13,3MB notwendig
Windows Live Anmelde-Assistent Microsoft Corporation 17.01.2010 1,92MB 5.000.818.5 notwendig
Windows Live Essentials Microsoft Corporation 17.01.2010 44,0MB 14.0.8089.0726 notwendig
Windows Live-Uploadtool Microsoft Corporation 17.01.2010 0,22MB 14.0.8014.1029 notwendig
WinRAR 27.12.2007 3,66MB notwendig
X10 Hardware(TM) 30.10.2007 28,00KB unbekannt
|
|
26.04.2011, 20:24
| #14 |
| /// Malware-holic | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen deinstalliere adobe reader neue version: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus öffne den adobe reader, bearbeiten, voreinstellungen, javascript, dort den haken raus, internet, ebenfalls alle haken raus. so werden keine pdfs mehr automatisch geladen und es kann dir kein schadcode mehr auf diese weise untergeschoben werden. unter allgemein, nur zertifizierte zusatzmodule verwenden anhaken. unter update, auf instalieren stellen. klicke übernehmen /ok deinstaliere. Dotfuscator Feedback Firebird Free Audio Free YouTube Google Desktop Google Toolbar risiko, weg damit ICQ Toolbar Java Java SE Downloads klicke download jre Launch Manager LetsTrade McAfee MEDIONbox MEDION MediaShow Mein Geld Mozilla Firefox öffnen hilfe update, version 4 PhotoNow Skype Toolbars Skype™ 4.2 öffnen updaten, version 5 VideoLAN vlc öffnen, updaten bereinige mit dem ccleaner
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.05.2011, 02:59
| #15 |
| | Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen Ok, sorry, dass es oft länger dauert, bis ich antworte. Ich bin zur Zeit sehr beschäftigt. Was steht noch an? Gruß |
|
| Themen zu Habe mir ebenfalls TR/Kazy.mekml.1 eingefangen |
| 0x00000001, akamai, antivir, avgntflt.sys, avira, bho, converter, downloader, druck, ebay, error, excel, excel.exe, firefox, flash player, gcs.exe, geld, google, google chrome, google earth, home, hotkey.sys, install.exe, intranet, ip-adresse, launch, location, mp3, office 2007, oldtimer, otl.exe, plug-in, realtek, saver, scan, sched.exe, searchplugins, security, security scan, security update, server, shell32.dll, skype.exe, software, sptd.sys, start menu, studio, svchost.exe, system, teamspeak, tracker, usb 2.0, virus, vista, visual studio, youtube downloader, ändern |
Linear-Darstellung
