Log analysis and evaluation: After Windows Recovery removal: error message (404) while browsing | Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
After Windows Recovery removal: error message (404) while browsing

Hello,

yesterday I stupidly caught Windows Vista Recovery, but was able to remove it thanks to your guide. I ran a scan with Malwarebytes Anti-Malware, which removed the 8 infected objects it found. For my files, which had been hidden as a result, I unchecked the "hidden" box, so everything there seems to be back to normal. A big thank you to you for that already.

However, sooner or later while browsing, a problem keeps coming up, namely that I can no longer reach any page. The error message then usually looks like this (or similar): "Invalid URL The requested URL "/", is invalid. Reference #9.36447b5c.1306745311.23c5495b" or "domain suspended" or "404 Not Found". After restarting the computer, everything works again for a few minutes/pages.

I successfully ran a scan with OTL and also wanted to run one with GMER. However, shortly after starting that scan, a message appeared saying that the program had stopped working.

OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 30.05.2011 09:57:00 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Benni\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free
4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS

Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) PRC - C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) PRC - C:\Windows\System32\PSIService.exe () PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20656_none_463680b8218be5a3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) 
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G DATA Software AG) SRV - (AVKService) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKService.exe (G DATA Software AG) SRV - (AVKWCtl) -- C:\Programme\G DATA AntiVirenKit 2007 Trial\AVK\AVKWCtl.exe (G DATA Software AG) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers) SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G DATA Software AG) DRV - (GDTdiInterceptor) -- C:\Windows\System32\drivers\GDTdiIcpt.sys () DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G DATA Software AG) DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation) DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation) DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ViPrt) -- C:\Windows\system32\DRIVERS\ViPrt.sys (VIA Technologies, Inc.) DRV - (ViBus) -- C:\Windows\system32\DRIVERS\ViBus.sys (VIA Technologies, Inc.) 
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Wikipedia:Hauptseite" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: 
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.30 09:15:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.30 10:38:49 | 000,000,000 | ---D | M] [2008.08.28 06:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Extensions [2011.05.30 09:12:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions [2011.03.04 18:26:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.05.26 19:15:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.04 21:30:55 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.14 06:39:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010.01.09 11:29:03 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- 
C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2011.05.06 15:13:35 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\engine@conduit.com [2009.11.15 19:14:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benni\AppData\Roaming\mozilla\Firefox\Profiles\poo43juf.default\extensions\moveplayer@movenetworks.com [2009.12.15 08:07:32 | 000,000,881 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\conduit.xml [2011.05.30 09:13:22 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-1.xml [2009.07.23 12:55:55 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-2.xml [2009.08.04 12:30:33 | 000,000,950 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin-3.xml [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\icqplugin.xml [2008.04.11 18:47:21 | 000,000,273 | ---- | M] () -- C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\poo43juf.default\searchplugins\search.xml [2011.05.30 09:15:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2009.06.07 12:48:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.21 09:44:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.01.05 09:22:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- () (No 
name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BENNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\POO43JUF.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Germany GmbH) O4 - HKLM..\Run: [AVKTray] C:\Programme\G DATA AntiVirenKit 2007 Trial\AVKTray\AVKTray.exe (G DATA Software AG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation) O4 - HKLM..\Run: [recinfo294] c:\RecInfo\RecInfo.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [EA Core] File not found O4 - HKCU..\Run: [mmplayer.exe] C:\Users\Benni\AppData\Roaming\Adobe\mmplayer.exe () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - 
Extra context menu item: Öffnen mit WordPerfect - c:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta () O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 
{32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Benni\Pictures\schweiz.jpg O24 - Desktop BackupWallPaper: C:\Users\Benni\Pictures\schweiz.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.05.30 09:36:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:58 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Malwarebytes [2011.05.29 18:37:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.05.29 18:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.05.29 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.05.29 18:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.05.29 17:40:41 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery [2011.05.26 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Benni\AppData\Roaming\ICQ [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.05.30 09:49:45 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.05.30 
09:47:38 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.05.30 09:47:29 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.05.30 09:47:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.05.30 09:47:20 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys [2011.05.30 09:36:49 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTL.exe [2011.05.30 09:24:57 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Benni\Desktop\OTH.scr [2011.05.30 09:15:49 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.30 08:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.05.29 19:16:17 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.29 17:50:12 | 000,000,384 | ---- | M] () -- C:\ProgramData\21815056 [2011.05.29 17:47:36 | 000,000,136 | ---- | M] () -- C:\ProgramData\~21815056r [2011.05.29 17:47:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\~21815056 [2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job [2011.05.26 23:09:58 | 000,000,012 | ---- | M] () -- C:\Users\Benni\Desktop\prefs.dat [2011.05.26 18:09:28 | 000,204,800 | ---- | M] () -- C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.08 20:48:34 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.08 20:48:34 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.08 20:48:34 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.08 20:48:34 | 000,103,726 | 
---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.01 20:23:35 | 000,000,852 | ---- | M] () -- C:\Users\Benni\.recently-used.xbel [4 C:\Users\Benni\Documents\*.tmp files -> C:\Users\Benni\Documents\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.05.30 09:15:49 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.05.30 09:15:49 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.05.29 19:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2011.05.29 18:37:05 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.05.29 17:40:54 | 000,000,136 | ---- | C] () -- C:\ProgramData\~21815056r [2011.05.29 17:40:54 | 000,000,128 | ---- | C] () -- C:\ProgramData\~21815056 [2011.05.29 17:40:11 | 000,000,384 | ---- | C] () -- C:\ProgramData\21815056 [2011.05.01 20:23:35 | 000,000,852 | ---- | C] () -- C:\Users\Benni\.recently-used.xbel [2010.04.26 10:32:22 | 000,000,680 | ---- | C] () -- C:\Users\Benni\AppData\Local\d3d9caps.dat [2010.01.06 01:05:46 | 000,004,096 | ---- | C] () -- C:\Users\Benni\AppData\Local\keyfile3.drm [2009.11.13 18:00:47 | 000,005,732 | ---- | C] () -- C:\Windows\unins000.dat [2008.09.22 20:48:40 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2008.09.05 14:39:40 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2008.03.15 13:18:57 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll [2008.02.20 19:27:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2008.01.07 19:29:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.01.04 23:58:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2007.12.30 14:26:56 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2007.12.26 10:55:31 | 000,204,800 | ---- | C] () -- 
C:\Users\Benni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.11.16 04:23:40 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2007.11.16 04:23:39 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.11.16 04:19:21 | 000,039,120 | ---- | C] () -- C:\Windows\System32\drivers\GDTdiIcpt.sys [2007.11.16 04:17:26 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe [2006.11.02 17:33:31 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,382,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- 
C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2006.08.11 10:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI ========== LOP Check ========== [2011.01.15 13:57:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Any Video Converter [2011.04.05 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ChessBase [2011.04.19 09:33:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.01 06:35:28 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\foobar2000 [2010.09.10 01:02:50 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\FreeFLVConverter [2011.05.26 19:15:46 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ [2008.01.03 17:16:18 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\ICQ Toolbar [2009.11.17 21:08:34 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\JBF Software [2009.10.27 17:28:54 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Leadertech [2008.01.17 21:14:45 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\MAGIX [2008.04.10 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\Benni\AppData\Roaming\Qlikworld [2010.06.06 16:51:00 | 000,000,364 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job [2011.05.30 09:46:24 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.05.29 09:27:42 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{547E4987-006D-4BD5-9A9B-D6F4519F2E8A}.job ========== Purity Check ========== ========== Files - Unicode (All) ========== [2009.01.06 22:49:34 | 000,024,064 | ---- | M] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc [2009.01.06 22:49:33 | 000,024,064 | ---- | C] ()(C:\Users\Benni\Documents\?ghzhzh.doc) -- C:\Users\Benni\Documents\卐ghzhzh.doc < End of report > Extras.txt OTL Logfile: Code:
OTL Extras logfile created on: 30.05.2011 09:57:00 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Benni\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,73% Memory free
4,22 Gb Paging File | 3,29 Gb Available in Paging File | 77,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 216,41 Gb Total Space | 45,68 Gb Free Space | 21,11% Space Free | Partition Type: NTFS
Drive D: | 107,22 Gb Total Space | 53,33 Gb Free Space | 49,74% Space Free | Partition Type: NTFS

Computer Name: BENNI-PC | User Name: Benni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{1B3D0503-A807-4ADF-8CD5-F2EE7ABE00FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{623AFFD2-26F3-42E0-ADDB-B6F7B75D1259}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server | "{6315AACB-EBD5-483D-BCBC-F6428A40D850}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) | "{9875426E-394D-4786-88F1-06A0C11DDF5A}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) | "{F466CB2B-C01A-4D8F-B501-89ACB55C39DF}" = lport=9000 | protocol=6 | dir=in | name=magix upnp media server | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{16F692D4-6FC2-4FC9-B968-A50664CFF9B2}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{23D099FD-D69F-447C-A472-9859AB60CA6D}" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | "{450CCA17-0E24-410C-BE56-298104A6702E}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | "{EFDD1B3C-855B-4224-8FFE-C00FF1A9C048}" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | "TCP Query User{09F83561-971C-48E3-AD5B-6ED6EECA2FC8}C:\bluebyte\siedler3\s3.exe" = protocol=6 | dir=in | app=c:\bluebyte\siedler3\s3.exe | "TCP Query User{1A9A90E3-2A83-4B15-B5F9-FAD2284A2F04}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | "TCP Query User{280DF8E3-64B1-44F1-B8B1-BC7807F09EE8}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | "TCP Query User{2EE6A014-F488-494B-BCEE-0FB31AA55C00}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | "TCP Query User{4D44949E-74F9-4825-B34C-4D4AFF9959F1}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{6C679089-D391-4A0C-BF58-45ABED1FDDAF}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | "TCP Query User{6FC509E2-7E2F-4393-8269-881494EF5929}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | "TCP Query User{7FEADA26-6CBE-4FFF-98EF-D06B853E55D2}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe | "TCP Query User{7FF4F91D-4651-48C7-A522-4BB0C92545F9}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{B1D7A58A-F625-4F75-BFCF-B32554D12910}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | "TCP Query User{B26D4A4B-AD32-4785-A395-631C478B76F7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{BEFE1D79-8B8F-4C1C-BDBC-6C86926776AF}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{C260BB8B-BFCD-4B2E-A2ED-1A2A811D76CB}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{C3FB0E17-DF17-4623-8310-AFE533A8E37B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{DCF30CB2-E64C-46E1-BA1C-920E835D4647}C:\program files\sopcast\sopvod.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopvod.exe | "TCP Query User{DE34F050-A652-41CB-A991-38453F7C7182}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{0A8AEAB7-C370-4A46-AA83-C8C7A37986AE}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program 
files\trillian\trillian.exe | 
"UDP Query User{23D22D3D-B8C1-4DF2-8128-E53C564BD128}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{241A3218-9EAC-4DA1-8B4A-A95F2FC539B2}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe | 
"UDP Query User{2CA08231-E2AA-43AE-A177-808CCEBA71BF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{31D007D8-C561-40C2-8EE8-BC74F56FA5CB}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{56E88A37-4B22-4AFE-B9F9-3F45DAFD8C7F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"UDP Query User{57CEBCC4-0CD2-48EA-8055-64FA1D5C2452}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{978FA28F-CED2-4A4B-8F99-FA8FCB5783B9}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{97FFEF9A-CFEB-419A-B514-FC578E86E571}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{B7860D3C-2C90-4CDC-AE8F-1B173151350E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{B8CD15AA-A8C4-4D7B-A542-7F7834DEA11A}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe | 
"UDP Query User{BA205C2B-58DF-4664-9175-2C1CAA0F6802}C:\program files\sopcast\sopvod.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopvod.exe | 
"UDP Query User{BE06FD49-C71A-4AC9-94B7-D4592FCB7ABF}C:\bluebyte\siedler3\s3.exe" = protocol=17 | dir=in | app=c:\bluebyte\siedler3\s3.exe | 
"UDP Query User{D85EA8A0-AA22-4601-A6FE-EC6909197042}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{DDB5A942-1E69-480B-8BAB-008D990D89B1}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{DE3B5D5A-64D3-413A-942F-CF8D306BD603}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06238444-BD04-417E-859A-C2543A784272}" = Fritz7 Demo
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11 WM Edition
"{1AD2EC5E-9A73-452B-8C87-43D2E32C3831}" = Fritz11 WM Edition
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D0FEAB4-5D81-4461-A9CA-766B530FC6EA}" = G DATA AntiVirenKit
"{4DECFC9F-2310-4C02-009A-B6758306EF00}" = FIFA 06
"{52537172-CBB0-44C4-BBB4-CC992BAF81F4}" = Playchess
"{54DB13F1-0CE0-4BAB-BD5F-7DE150C043C8}" = WordPerfect Office X3
"{552C5B4A-595F-4FA6-B2AD-2F1B2A333CE5}" = Fritz7
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6803A6E6-48FF-48AB-B558-7B651BBE1031}" = Nero 8 Essentials
"{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}" = Playchess
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{84F7CAD9-2316-4701-B5CA-E90FD60029E9}" = ANNO 1602
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D794373D-4197-4F77-AB73-5404A005E043}" = Mathematik interaktiv
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Codeur Windows Media Série 9
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Any Video Converter_is1" = Any Video Converter 2.7.2
"Arena 2.0.1_is1" = Arena 2.0.1
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BitComet FLV Converter" = BitComet FLV Converter 1.0
"Blue Byte Game Channel" = Blue Byte Game Channel
"bowili-Schach" = bowili-Schach
"Cradle of Rome" = Cradle of Rome (remove only)
"ÐÂÀËÖ±²¥" = ÐÂÀËÖ±²¥
"DivX Setup.divx.com" = DivX-Setup
"FarmingSimulator2009DemoDE_is1" = Landwirtschafts-Simulator 2009 Demo
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"foobar2000" = foobar2000 v1.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free FLV Converter_is1" = Free FLV Converter V 6.92.0
"Free YouTube Download_is1" = Free YouTube Download version 2.10.30
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Indeo® software" = Indeo® software
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.2.0.79 (D)
"MAGIX Media Suite D" = MAGIX Media Suite 1.12.0.89 (D)
"MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.2.0.144 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Ringtone Maker SE D" = MAGIX Ringtone Maker SE 3.1.0.4 (D)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"phase5" = phase5
"Poker Superstars II" = Poker Superstars II (remove only)
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"S2TNG" = Die Siedler II - Die nächste Generation
"S3" = Die Siedler III Gold Edition
"S4Uninst" = Die Siedler IV
"Sea3D_is1" = Sea3D 1.2.0a
"Sevilla" = Sevilla
"SopCast" = SopCast 2.0.4
"Trillian" = Trillian
"TVUPlayer" = TVUPlayer 2.3.4.1
"Uninstall_is1" = Uninstall 1.0.0.1
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"Windows Media Encoder 9" = Codeur Windows Media Série 9
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = WinRAR
"Worms Armageddon" = Worms Armageddon
"Zattoo" = Zattoo 3.2.4 Beta

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"Kellogg's Clip Studio" = Kellogg's Clip Studio

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12.01.2010 08:39:28 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

Error - 12.01.2010 12:29:47 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

Error - 12.01.2010 15:48:31 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 

Error - 13.01.2010 13:26:34 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

Error - 13.01.2010 13:27:14 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 

Error - 13.01.2010 14:34:08 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 

Error - 13.01.2010 15:29:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

Error - 14.01.2010 07:11:45 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

Error - 14.01.2010 09:53:32 | Computer Name = Benni-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 

Error - 14.01.2010 10:49:18 | Computer Name = Benni-PC | Source = WerSvc | ID = 5007
Description = 

[ System Events ]
Error - 14.05.2011 01:07:29 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7000
Description = 

Error - 19.05.2011 00:29:51 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 19.05.2011 15:19:21 | Computer Name = Benni-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 19.05.2011 um 19:43:44 unerwartet heruntergefahren.

Error - 19.05.2011 15:24:33 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 26.05.2011 00:30:18 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 26.05.2011 13:15:15 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7030
Description = 

Error - 29.05.2011 11:44:57 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 29.05.2011 11:52:04 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 29.05.2011 12:02:49 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

Error - 29.05.2011 12:34:38 | Computer Name = Benni-PC | Source = Service Control Manager | ID = 7022
Description = 

< End of report >