TR/Crypt.ZPACK.Gen2 löscht Pfade und löscht progs und Verknüpfungen
Hallo "Trojaner-Bekämpfungs und Seuchen Killer-Kommando" ,
habe ein kleines Problem mit nem Trojaner der oben genannt ist in der Überschrift.
In diesem Thread ist genau mein Problem schon behandelt wqorden. http://www.trojaner-board.de/96995-t...ht-aerger.html
Ich Poste dazu einfach mal die Malware Logs + OTL logs.
Hoffe dass Ihr mir weiterhelfen könnt. Viele Dank im voraus schonmal!
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8090
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
05.11.2011 15:53:59
mbam-log-2011-11-05 (15-53-55).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|H:\|I:\|)
Durchsuchte Objekte: 349862
Laufzeit: 55 Minute(n), 48 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\Tina\AppData\LocalLow\Sun\Java\deployment\cache\6.0\38\3f3612a6-53d6c854 (Trojan.FakeAlert.Gen) -> No action taken. Code:
OTL logfile created on: 05.11.2011 13:59:01 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tina\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 56,88% Memory free
6,50 Gb Paging File | 4,89 Gb Available in Paging File | 75,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 575,07 Gb Total Space | 483,80 Gb Free Space | 84,13% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 19,91 Gb Free Space | 99,56% Space Free | Partition Type: NTFS
Computer Name: TINA-PC | User Name: Tina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Tina\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\ieconfig_1und1_svc.exe ()
PRC - C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtGui4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtCore4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtScript4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtXml4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\phonon4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtSql4.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QtMultimediaKit1.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\mediaservice\dsengine.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QxtCore.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\QxtWeb.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\qjson.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\ssoengine.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\securestorage.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
MOD - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
MOD - C:\Programme\COMPUTERBILD-Abzockschutz\Internet Explorer\BandObjectsLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\1&1\1&1 EasyLogin\EasyLoginCrypt.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Programme\Nokia\Nokia Ovi Suite\zlib1.dll ()
========== Win32 Services (SafeList) ==========
SRV - (serviceIEConfig) -- C:\Windows\System32\ieconfig_1und1_svc.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (amdide) -- C:\Windows\system32\DRIVERS\amdide.sys (Advanced Micro Devices Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/410"
FF - prefs.js..extensions.enabledItems: {d49175b3-3fd8-43b8-b28e-da5d47f3c398}:1.0.32
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.3.1.00
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com//web?src=ffb&appid=0&systemid=410&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Users\Tina\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.10.07 10:20:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.29 10:27:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.06 10:58:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.10.07 10:20:37 | 000,000,000 | ---D | M]
[2011.11.05 13:44:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tina\AppData\Roaming\mozilla\Extensions
[2011.09.28 06:50:52 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Tina\AppData\Roaming\mozilla\Firefox\Profiles\4316iwzy.default\extensions
[2011.10.07 10:18:52 | 000,000,000 | -H-D | M] (Searchqu Toolbar) -- C:\Users\Tina\AppData\Roaming\mozilla\Firefox\Profiles\4316iwzy.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.10.07 10:18:51 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Tina\AppData\Roaming\mozilla\Firefox\Profiles\4316iwzy.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.07 10:18:51 | 000,000,000 | -H-D | M] (COMPUTERBILD-Abzockschutz) -- C:\Users\Tina\AppData\Roaming\mozilla\Firefox\Profiles\4316iwzy.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}
[2010.01.20 11:19:10 | 000,000,923 | -H-- | M] () -- C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\4316iwzy.default\searchplugins\conduit.xml
[2011.09.16 16:11:35 | 000,002,503 | -H-- | M] () -- C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\4316iwzy.default\searchplugins\SearchResults.xml
[2011.09.16 16:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.07 10:20:38 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2011.10.07 10:20:29 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2010.04.01 17:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 17:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 17:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.16 16:11:35 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2010.04.01 17:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 17:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Filme_auf_DVD_7\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000..\Run: [1&1 EasyLogin] C:\Programme\1&1\1&1 EasyLogin\EasyLogin.exe (1&1 Internet AG)
O4 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-1460742789-3339115732-553396096-1000\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7114F0A7-643E-4F88-99B7-A02D831FE369}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\datamngr.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll) -C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 60 Days ==========
[2011.11.05 13:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.11.05 13:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.11.05 13:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.10.13 06:29:32 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.13 06:29:31 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.13 06:29:20 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.13 06:29:11 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.10.13 06:29:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.13 06:29:10 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.13 06:29:10 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.13 06:29:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.06 07:18:02 | 000,000,000 | -H-D | C] -- C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore
[2011.09.23 07:15:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.09.16 16:11:37 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMCT232.OCX
[2011.09.16 16:11:35 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2011.09.16 16:11:35 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2011.09.16 16:11:35 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioVisu.dll
[2011.09.16 16:11:35 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudPlayer.dll
[2011.09.16 16:11:35 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudioRecord.dll
[2011.09.16 16:11:35 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDisplay.dll
[2011.09.16 16:11:35 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2011.09.16 16:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Searchqu Toolbar
[2011.09.16 16:11:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011.09.16 16:11:34 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\AudDesign.dll
[2011.09.16 16:11:34 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011.09.16 16:11:34 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTL32.OCX
[2011.09.16 16:11:34 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2011.09.16 16:11:34 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2011.09.16 16:11:34 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6FR.DLL
[2011.09.16 16:11:34 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.OCX
[2011.09.16 16:11:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
[2011.09.16 16:11:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscc2fr.dll
[2011.09.16 16:11:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2011.09.16 16:11:34 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTFR.DLL
[2011.09.16 16:11:34 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetfr.DLL
[2011.09.16 16:11:33 | 000,000,000 | -H-D | C] -- C:\Users\Tina\AppData\Roaming\FreeAudioPack
[2011.09.16 15:36:56 | 000,000,000 | -H-D | C] -- C:\Users\Tina\Desktop\Bilder Handy
[2011.09.16 15:33:01 | 000,000,000 | -H-D | C] -- C:\Users\Tina\AppData\Local\NokiaAccount
[2011.09.16 15:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011.09.14 12:45:45 | 000,978,576 | ---- | C] (mquadr.at software engineering und consulting GmbH) -- C:\Windows\System32\ieconfig_1und1.dll
[2011.09.14 12:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\{411234A5-A7C5-4628-A4D3-64C942F8C38C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2011.11.05 13:47:12 | 000,001,459 | ---- | M] () -- C:\Users\Tina\Desktop\iexplore - Verknüpfung.lnk
[2011.11.05 13:33:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.05 13:31:05 | 000,001,220 | ---- | M] () -- C:\Users\Tina\Desktop\Spybot - Search & Destroy.lnk
[2011.11.05 12:06:49 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 12:06:49 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 12:04:20 | 000,662,254 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.05 12:04:20 | 000,624,136 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.05 12:04:20 | 000,133,190 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.05 12:04:20 | 000,109,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.05 11:59:09 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.05 11:59:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.05 11:58:58 | 2615,910,400 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.24 17:03:27 | 000,023,552 | ---- | M] () -- C:\Users\Tina\Documents\neckermann_bestellung_24.10.11.wps
[2011.10.22 10:38:00 | 000,009,728 | ---- | M] () -- C:\Users\Tina\Lebenslauf3. wps.wps
[2011.10.13 17:23:33 | 000,368,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.10.06 07:19:08 | 000,000,456 | ---- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.10.06 07:18:02 | 000,000,320 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.06 07:18:02 | 000,000,240 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.01 03:42:56 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.09.23 07:15:48 | 286,572,605 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.09.15 10:38:15 | 000,081,408 | -H-- | M] () -- C:\Users\Tina\Documents\Familienkasse_15.09.11.wps
[2011.09.15 10:38:15 | 000,009,482 | -H-- | M] () -- C:\Users\Tina\AppData\Roaming\wklnhst.dat
[2011.09.14 12:45:46 | 001,053,848 | ---- | M] () -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2011.09.14 12:45:45 | 000,978,576 | ---- | M] (mquadr.at software engineering und consulting GmbH) -- C:\Windows\System32\ieconfig_1und1.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.05 13:47:12 | 000,001,459 | ---- | C] () -- C:\Users\Tina\Desktop\iexplore - Verknüpfung.lnk
[2011.11.05 13:31:05 | 000,001,220 | ---- | C] () -- C:\Users\Tina\Desktop\Spybot - Search & Destroy.lnk
[2011.10.24 17:03:27 | 000,023,552 | ---- | C] () -- C:\Users\Tina\Documents\neckermann_bestellung_24.10.11.wps
[2011.10.22 10:36:59 | 000,009,728 | ---- | C] () -- C:\Users\Tina\Lebenslauf3. wps.wps
[2011.10.06 07:18:02 | 000,000,320 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011.10.06 07:18:02 | 000,000,240 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011.10.06 07:18:00 | 000,000,456 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.09.23 07:15:48 | 286,572,605 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.09.16 16:11:35 | 000,116,296 | ---- | C] () -- C:\Windows\System32\NCTWMAProfiles.prx
[2011.09.15 10:27:30 | 000,081,408 | -H-- | C] () -- C:\Users\Tina\Documents\Familienkasse_15.09.11.wps
[2011.09.14 12:45:46 | 001,053,848 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2011.08.25 17:13:26 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2011.03.21 12:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.05.08 20:14:14 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.01.10 09:47:01 | 000,000,017 | -H-- | C] () -- C:\Users\Tina\AppData\Local\resmon.resmoncfg
[2010.01.03 17:07:39 | 000,009,482 | -H-- | C] () -- C:\Users\Tina\AppData\Roaming\wklnhst.dat
[2009.11.05 17:09:07 | 000,000,042 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2009.11.05 16:54:13 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.11.05 16:54:13 | 000,195,854 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.11.05 16:54:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.10.06 11:51:33 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.09.25 11:39:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.07.14 09:47:43 | 000,662,254 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,133,190 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,368,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,624,136 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,109,580 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.06.05 13:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:FC4EA67C
@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:3B812EE0
@Alternate Data Stream - 227 bytes -> C:\ProgramData\Temp:F1175E1D
@Alternate Data Stream - 226 bytes -> C:\ProgramData\Temp:270A3983
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:4EE95FE7
@Alternate Data Stream - 222 bytes -> C:\ProgramData\Temp:6C5EC3CD
@Alternate Data Stream - 220 bytes -> C:\ProgramData\Temp:99A29126
@Alternate Data Stream - 207 bytes -> C:\ProgramData\Temp:5BC73C48
@Alternate Data Stream - 205 bytes -> C:\ProgramData\Temp:C20426BD
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:7BA83BF4
@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:7A0FEE87
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:2B1EA607
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:140AD176
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:C48A983C
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:5D10C56A
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:8BFA0030
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:0D278FB5
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:123A86B5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:4B1195DD
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:FED25C29
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:008586AE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:5080697C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:F8F070C2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:DD04902E
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:370E4EFB
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:C8AC644A
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:737160C1
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:CB16385F
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:C5E2BAEE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:5C6EBC69
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:072F1F69
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:61F0C8FB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A3E39C6A
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A2FF62A6
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:598E0FFA
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:870649A4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:55F44B88
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:AC95B5ED
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:581B0446
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:C3C72D5F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:9ACB70D7
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:32A82570
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:BE6B5FC3
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:2F141B68
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:9A6EBBF2
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:7B52659E
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:B8384DB6
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:7547DA5B
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:75CC0165
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:0F0A5896
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:90B52091
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:331B76C7
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:0ED4AC2F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:7C412B92
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:43301D1D
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:561B1D2B
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:225CD7D5
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:A7DA2BCD
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D0668210
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:090FB735
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:C07A6A6B
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:08D8BB20
< End of report >
Code:
OTL Extras logfile created on: 05.11.2011 13:59:01 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Tina\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 56,88% Memory free
6,50 Gb Paging File | 4,89 Gb Available in Paging File | 75,23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 575,07 Gb Total Space | 483,80 Gb Free Space | 84,13% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 19,91 Gb Free Space | 99,56% Space Free | Partition Type: NTFS
Computer Name: TINA-PC | User Name: Tina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0E5E6D29-7F0C-6532-6A11-62629649AD3C}" = CCC Help Finnish
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1206E622-A6BB-665A-EFE4-AF068CEF85C8}" = Catalyst Control Center InstallProxy
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2562CC92-BCC6-35A7-F2E2-52E82CC2F746}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = EzCAP Video Grabber
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2EF0862B-22C7-8AA8-4272-DDB79410C113}" = Catalyst Control Center Graphics Light
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{32A546AD-2626-1DF1-0746-123AFA6E265F}" = ATI Catalyst Install Manager
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FBD5F02-D8CF-5800-6333-E66262831496}" = Catalyst Control Center Core Implementation
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{58A69DDE-F355-8A3B-CF9E-6BC5065A1AE3}" = CCC Help Spanish
"{62D90DFE-48E2-E2A4-C38C-8F3FC018463E}" = ccc-utility
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{744FFCE8-3AB1-BA9E-68BF-D3418909C2A2}" = CCC Help Italian
"{757A9362-BEBA-82B3-7329-40DA11649186}" = CCC Help German
"{759253A9-AB2F-D893-0076-4D61DF925900}" = CCC Help Dutch
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76D57840-661F-5BA8-F9BE-D153227644D7}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80187789-AC1E-C394-F8A5-1A42C84627F6}" = Catalyst Control Center Graphics Previews Vista
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AADC86C-5018-4762-A309-3031F68D1008}" = COMPUTERBILD-Abzockschutz
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A062A15F-9CAC-4B88-98DF-87628A0BD721}" = Corel MediaOne
"{A334F1BA-0A1D-4ED6-B4F9-4066157CA15D}" = DE
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADDBE07D-95B8-4789-9C76-187FFF9624B4}" = CorelDRAW Essential Edition 3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BBC5B6BA-A02C-5A78-8767-841733D16451}" = CCC Help English
"{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master - Cradle Of Rome
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C4AD4C15-B39C-5EDB-4776-4B44B5AE770F}" = CCC Help Danish
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5EA6F92-E34E-555E-47E7-92B1A1E8D1B3}" = ccc-core-static
"{CB9CC6C9-185F-E771-0633-B4D20E13D6AB}" = CCC Help Japanese
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E5D06831-77CC-05C5-AA43-42AD1CEB451A}" = CCC Help Norwegian
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EF41AC64-43B4-44A4-39C5-35B7256ED3ED}" = Catalyst Control Center Localization All
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C28B5F-31A3-ACE3-3D4E-86C487ADC139}" = Catalyst Control Center Graphics Full Existing
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0F55285-D935-9245-34E5-91973D110874}" = CCC Help Swedish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F6A6DFF9-F71C-4BA6-B437-F18872866D3D}" = Bing Bar
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"1&1 EasyLogin" = 1&1 EasyLogin
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"A0C8AB38D670723BC27436B03381EA98C003CE12" = Windows-Treiberpaket - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALDI Foto Service D" = ALDI Foto Service
"ALDI Nord Foto Manager Free D" = ALDI Nord Foto Manager Free
"Aldi Nord Fotoservice_is1" = Aldi Nord Fotoservice
"ALDI Nord Online Druck Service D" = ALDI Nord Online Druck Service
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"AVS Update Manager_is1" = AVS Update Manager 1.0
"BFG-Abra Academy" = Abra Academy
"BFG-Abra Academy - Returning Cast" = Abra Academy™: Returning Cast
"BFG-Around the World in 80 Days" = Around the World in 80 Days
"BFGC" = Big Fish Games: Game Manager
"BFG-Chainz 2 Relinked" = Chainz 2 Relinked
"BFG-Curse of the Pharaoh - Die Traenen der Sachmet" = Curse of the Pharaoh: Die Tränen der Sachmet
"BFG-Die Gestohlene Venus" = Die Gestohlene Venus
"BFG-Dream Day First Home" = Dream Day First Home
"BFG-Faded Reality" = Faded Reality
"BFG-Fishdom" = Fishdom
"BFG-Hidden Mysteries - Buckingham Palace" = Hidden Mysteries™: Buckingham Palace
"BFG-Lost Realms - Das Erbe der Sonnenprinzessin" = Lost Realms: Das Erbe der Sonnenprinzessin
"BFG-Magic Academy" = Magic Academy
"BFG-Mystery PI - The New York Fortune" = Mystery P.I.: The New York Fortune
"BFG-Mysteryville" = Mysteryville
"BFG-Sarah Maribu und die Vergessene Welt" = Sarah Maribu und die Vergessene Welt
"BFG-Schatzinsel 2" = Schatzinsel 2
"BFG-Vacation Quest - The Hawaiian Islands" = Vacation Quest: The Hawaiian Islands
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Chainz 2" = Chainz 2
"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.10.722
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"GMX ProfiFax" = GMX ProfiFax
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"MAGIX Filme auf DVD 7 D" = MAGIX Filme auf DVD 7 7.0.3.0 (D)
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Goya burnR D" = MAGIX Goya burnR 1.3.1.3 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"McAfee Security Scan" = McAfee Security Scan Plus
"MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.250 (D)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Picasa 3" = Picasa 3
"Searchqu 0 MediaBar" = Windows Searchqu Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1460742789-3339115732-553396096-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"10 Days Under The Sea Deluxe" = 10 Days Under The Sea Deluxe
"1001 Nights - The Adventures of Sindbad Deluxe" = 1001 Nights - The Adventures of Sindbad Deluxe
"3 Days - Zoo Mystery Deluxe" = 3 Days - Zoo Mystery Deluxe
"Age of Oracles - Tara's Journey Deluxe" = Age of Oracles - Tara's Journey Deluxe
"Becky Brogan - The Mystery of Meane Manor Deluxe" = Becky Brogan - The Mystery of Meane Manor Deluxe
"Bejeweled 2 Deluxe" = Bejeweled 2 Deluxe
"Big City Adventure - New York City Deluxe" = Big City Adventure - New York City Deluxe
"Cate West - The Vanishing Files Deluxe" = Cate West - The Vanishing Files Deluxe
"Chainz 2 Deluxe" = Chainz 2 Deluxe
"Delicious 2 Deluxe" = Delicious 2 Deluxe
"Fishdom - Frosty Splash Deluxe" = Fishdom - Frosty Splash Deluxe
"Fishdom - Spooky Splash Deluxe" = Fishdom - Spooky Splash Deluxe
"Fishdom Deluxe" = Fishdom Deluxe
"Fishdom H2O - Hidden Odyssey Deluxe" = Fishdom H2O - Hidden Odyssey Deluxe
"Hidden Identity - Chicago Blackout Deluxe" = Hidden Identity - Chicago Blackout Deluxe
"Hidden Magic Deluxe" = Hidden Magic Deluxe
"Jane's Hotel - Family Hero Deluxe" = Jane's Hotel - Family Hero Deluxe
"Keys to Manhattan Deluxe" = Keys to Manhattan Deluxe
"Pahelika - Secret Legends Deluxe" = Pahelika - Secret Legends Deluxe
"Zuma Deluxe" = Zuma Deluxe
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.10.2011 05:59:40 | Computer Name = Tina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CCC.exe, Version: 2.0.0.0, Zeitstempel:
0x49ef8e09 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
Zeitstempel: 0x4e2111c0 Ausnahmecode: 0xe0434f4d Fehleroffset: 0x0000d36f ID des fehlerhaften
Prozesses: 0x14b0 Startzeit der fehlerhaften Anwendung: 0x01cc8f0ef7f2318b Pfad der
fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 394c035c-fb02-11e0-8258-4061864c8901
Error - 21.10.2011 14:19:10 | Computer Name = Tina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CCC.exe, Version: 2.0.0.0, Zeitstempel:
0x49ef8e09 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
Zeitstempel: 0x4e2111c0 Ausnahmecode: 0xe0434f4d Fehleroffset: 0x0000d36f ID des fehlerhaften
Prozesses: 0x1448 Startzeit der fehlerhaften Anwendung: 0x01cc901de967400c Pfad der
fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 2b418e5f-fc11-11e0-855c-4061864c8901
Error - 22.10.2011 05:44:48 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 80c Startzeit: 01cc909f292904f6 Endzeit: 8 Anwendungspfad: C:\Program
Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: 709afca1-fc92-11e0-9855-4061864c8901
Error - 24.10.2011 09:10:20 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 16a8 Startzeit: 01cc924e2faa5755 Endzeit: 6 Anwendungspfad:
C:\Program Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: 7c529d09-fe41-11e0-ba80-4061864c8901
Error - 24.10.2011 09:13:49 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 5a0 Startzeit: 01cc924ea9ef6ad8 Endzeit: 8 Anwendungspfad: C:\Program
Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: f8ccc142-fe41-11e0-ba80-4061864c8901
Error - 24.10.2011 09:16:27 | Computer Name = Tina-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CCC.exe, Version: 2.0.0.0, Zeitstempel:
0x49ef8e09 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17651,
Zeitstempel: 0x4e2111c0 Ausnahmecode: 0xe0434f4d Fehleroffset: 0x0000d36f ID des fehlerhaften
Prozesses: 0x14d4 Startzeit der fehlerhaften Anwendung: 0x01cc924f1eda525e Pfad der
fehlerhaften Anwendung: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 60a696bc-fe42-11e0-a404-4061864c8901
Error - 29.10.2011 04:09:35 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 92c Startzeit: 01cc9611fe392df6 Endzeit: 8 Anwendungspfad: C:\Program
Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: 4e4348f8-0205-11e1-84fd-4061864c8901
Error - 29.10.2011 05:49:05 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1530 Startzeit: 01cc961fe7f8cea3 Endzeit: 5 Anwendungspfad:
C:\Program Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: 327b6d2b-0213-11e1-bfb0-4061864c8901
Error - 29.10.2011 05:49:30 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 954 Startzeit: 01cc96200271c68e Endzeit: 21 Anwendungspfad:
C:\Program Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: 48e18cb1-0213-11e1-bfb0-4061864c8901
Error - 30.10.2011 05:53:28 | Computer Name = Tina-PC | Source = Application Hang | ID = 1002
Description = Programm IEXPLORE.EXE, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1184 Startzeit: 01cc96e9ada4388f Endzeit: 11 Anwendungspfad:
C:\Program Files\Internet Explorer\IEXPLORE.EXE Berichts-ID: fa40be47-02dc-11e1-8180-4061864c8901
[ System Events ]
Error - 20.10.2011 07:37:41 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 20.10.2011 07:42:45 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 20.10.2011 07:42:47 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 20.10.2011 07:48:24 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 20.10.2011 07:48:26 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 21.10.2011 09:59:50 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 21.10.2011 09:59:50 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 21.10.2011 10:11:38 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 21.10.2011 10:11:40 | Computer Name = Tina-PC | Source = DCOM | ID = 10016
Description =
Error - 24.10.2011 02:22:42 | Computer Name = Tina-PC | Source = Microsoft-Windows-Application-Experience | ID = 205
Description = Der Dienst "Programmkompatibilitäts-Assistent" konnte Phase 2 nicht
initialisieren.
< End of report >
MfG
ralle69 |
