
Log analysis and evaluation: Windows Security Center: Warning - PC locked!


 
05.02.2012, 15:10   #3
Diamond
 



Hello Kira,

first of all, thanks for your reply!

Here are my files:

1.
Fix with OTL
Code:
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{EEE6C35D-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\searchplugin folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\modules folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\META-INF folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\defaults folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\META-INF folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults\preferences folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\defaults folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\META-INF folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\lib folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\defaults folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\engine@conduit.com folder moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\bing.xml moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml moved successfully.
Unable to fix default_search_provider items.
File C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\Programme\Crawler\Toolbar\ctbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ deleted successfully.
C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield deleted successfully.
C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater deleted successfully.
C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM deleted successfully.
C:\Programme\SweetIM\Messenger\SweetIM.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\vasja deleted successfully.
C:\Users\Nadia\AppData\Local\Temp\0.8343861309758063.exe moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\ProgramData\TEMP:814B9485 deleted successfully.
ADS C:\ProgramData\TEMP:3064D21D deleted successfully.
ADS C:\ProgramData\TEMP:ADE16379 deleted successfully.
ADS C:\ProgramData\TEMP:ABE89FFE deleted successfully.
ADS C:\ProgramData\TEMP:798A3728 deleted successfully.
ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
ADS C:\ProgramData\TEMP:DCAF903C deleted successfully.
ADS C:\ProgramData\TEMP:CE0A077E deleted successfully.
ADS C:\ProgramData\TEMP:9E22BBE8 deleted successfully.
ADS C:\ProgramData\TEMP:8750DCE4 deleted successfully.
ADS C:\ProgramData\TEMP:B203B914 deleted successfully.
ADS C:\ProgramData\TEMP:131C0EE9 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Nadia
->Temp folder emptied: 3993999939 bytes
->Temporary Internet Files folder emptied: 221386657 bytes
->Java cache emptied: 4349741 bytes
->FireFox cache emptied: 68862371 bytes
->Google Chrome cache emptied: 538606340 bytes
->Flash cache emptied: 3896467 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 267793964 bytes
RecycleBin emptied: 3147300452 bytes
 
Total Files Cleaned = 7.864,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02052012_125612

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
2.
Malwarebytes Anti-Malware report
Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.05.01

Windows Vista Service Pack 1 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 7.0.6001.18000
Nadia :: NADIA-PC [Administrator]

05.02.2012 13:08:12
mbam-log-2012-02-05 (13-08-12).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 331036
Laufzeit: 48 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\_OTL\MovedFiles\02052012_125612\C_Users\Nadia\AppData\Local\Temp\0.8343861309758063.exe (Trojan.VUPX.ON1) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
3.
In my list of installed programs you will still find the program "SweetIM for Messenger 3.0". When I try to uninstall the program, I keep getting this error message:
"The Windows Installer service could not be accessed. This can occur if Windows Installer is not installed correctly. Contact support for further assistance."

List of installed programs
Code:
7-Zip 9.20		14.09.2011	3,54MB	
Acer Backup Manager	NewTech Infosystems	21.05.2009	234MB	1.0.0.53
Acer Crystal Eye webcam Ver:1.1.79.326	Chicony Electronics Co.,Ltd.	21.05.2009	1,30MB	1.1.79.326
Acer eRecovery Management	Acer Incorporated	21.05.2009	11,7MB	4.00.3005
Acer GridVista	Acer Inc.	21.05.2009	1,73MB	2.75.825
Acer PowerSmart Manager	Acer Incorporated	21.05.2009	7,83MB	4.02.3006
Acer Product Registration	Acer Incorporated	28.03.2010	5,92MB	3.0.0.10
Acer ScreenSaver	Acer	21.05.2009		
Acer VCM	Acer Incorporated	21.05.2009	18,8MB	4.00.3006
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	30.03.2010		10.0.45.2
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	07.10.2011		11.0.1.152
Adobe Reader 9 - Deutsch	Adobe Systems Incorporated	07.04.2009	232MB	9.0.0
Apple Application Support	Apple Inc.	15.06.2011	51,0MB	1.5.2
Apple Mobile Device Support	Apple Inc.	15.06.2011	22,1MB	3.4.1.2
Apple Software Update	Apple Inc.	15.06.2011	2,25MB	2.1.3.127
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver	Atheros Communications Inc.	30.03.2009	4,05MB	1.0.0.18
ATI Catalyst Install Manager	ATI Technologies, Inc.	21.05.2009	13,8MB	3.0.715.0
Avira AntiVir Personal - Free Antivirus	Avira GmbH	16.10.2011	93,7MB	10.2.0.704
BlueJ 2.1.2	Deakin University	05.01.2011	5,51MB	
Bonjour	Apple Inc.	15.06.2011	1,12MB	2.0.5.0
Brother MFL-Pro Suite	Brother Industries, Ltd.	29.04.2010	15,2MB	1.00
Canon Easy-PhotoPrint EX		24.08.2011	227MB	
Canon Easy-WebPrint EX		24.08.2011	6,81MB	
Canon IJ Network Scanner Selector EX		24.08.2011	8,20MB	
Canon IJ Network Tool		24.08.2011	2,97MB	
Canon Kurzwahlprogramm		24.08.2011	8,66MB	
Canon MP Navigator EX 4.1		24.08.2011	75,3MB	
Canon MX880 series Benutzerregistrierung		24.08.2011	2,31MB	
Canon MX880 series MP Drivers		24.08.2011	379MB	
Canon My Printer		24.08.2011	5,60MB	
Canon Solution Menu EX		24.08.2011	12,7MB	
CCleaner	Piriform	04.02.2012	4,24MB	3.15
Compatibility Pack für 2007 Office System	Microsoft Corporation	10.02.2011	39,9MB	12.0.6425.1000
eSobi v2	esobi Inc.	21.05.2009	22,9MB	2.0.3.000223
Firebird SQL Server - MAGIX Edition	MAGIX AG	11.01.2011	10,1MB	2.1.23.0
GIMP 2.6.11	The GIMP Team	06.01.2011	111,1MB	2.6.11
Google Chrome	Google Inc.	06.10.2010	123,3MB	16.0.912.77
Google Desktop	Google	24.07.2010	61,7MB	5.9.1005.12335
Google Toolbar for Internet Explorer	Google Inc.	13.01.2012	66,4MB	7.2.2427.2330
Hex-Editor MX	NEXT-Soft	03.04.2010	0,64MB	6.0
Intel® Matrix Storage Manager	Intel Corporation	21.05.2009	9,66MB	
IrfanView (remove only)		25.04.2010	1,61MB	
iTunes	Apple Inc.	15.06.2011	144,0MB	10.3.1.55
J2SE Development Kit 5.0 Update 6	Sun Microsystems, Inc.	05.01.2011	284MB	1.5.0.60
J2SE Runtime Environment 5.0 Update 6	Sun Microsystems, Inc.	05.01.2011	152,3MB	1.5.0.60
Java(TM) 6 Update 26	Sun Microsystems, Inc.	31.03.2010	94,5MB	6.0.260
Launch Manager	Acer Inc.	21.05.2009	4,88MB	2.0.03
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	04.02.2012	11,5MB	1.60.1.1000
Medieval II Total War	SEGA	19.11.2010	11.624MB	1.03.000
Medieval II Total War : Kingdoms : Americas	SEGA	19.11.2010	1.209MB	1.03.000
Medieval II Total War : Kingdoms : Britannia	SEGA	19.11.2010	914MB	1.03.000
Medieval II Total War : Kingdoms : Crusades	SEGA	19.11.2010	1.107MB	1.03.000
Medieval II Total War : Kingdoms : Teutonic	SEGA	19.11.2010	1.037MB	1.03.000
Meltho Version 1.20	Beth Mardutho Institute	10.12.2010	5,99MB	1.2.0.0
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	12.02.2011	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	19.10.2010	27,8MB	
Microsoft Office Professional Edition 2003	Microsoft Corporation	12.02.2011	588MB	11.0.8173.0
Microsoft Office Suite Activation Assistant	Microsoft Corporation	07.04.2009	8,37MB	2.9
Microsoft PowerPoint Viewer	Microsoft Corporation	10.02.2011	148,6MB	14.0.4763.1000
Microsoft Research AutoCollage 2008 version 1.1	Microsoft Research	10.01.2011	7,44MB	1.01.2008
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	07.04.2009	1,74MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	10.02.2011	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	29.01.2012	0,33MB	8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	12.07.2011	0,23MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	29.03.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	29.01.2012	11,1MB	10.0.40219
Microsoft Works	Microsoft Corporation	10.02.2011	378MB	9.7.0621
Mozilla Firefox 9.0.1 (x86 de)	Mozilla	10.01.2012	38,3MB	9.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	07.04.2009	1,29MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	17.10.2010	1,34MB	4.20.9876.0
NTI Backup Now 5	NewTech Infosystems	07.04.2009	29,5MB	5.1.2.616
NTI Media Maker 8	NewTech Infosystems	07.04.2009	187,5MB	8.0.2.6509
Nvu 1.0	Thorsten Fritz	01.06.2010	22,0MB	1.0
OpenTTD 1.1.0-RC2	OpenTTD	06.03.2011	32,8MB	1.1.0-RC2
Optical Drive Power Management	Acer Incorporated	21.05.2009	0,75MB	1.00.3006
Orion	Convesoft	21.05.2009	15,0MB	2.5.0
PaperPort Image Printer	Nuance Communications, Inc.	29.04.2010	0,38MB	1.00.0000
PC Draft P.E. Demo	Microspot	26.03.2011	14,1MB	5.0.6
PDF24 Creator 3.0.0	PDF24.org	05.06.2011	39,4MB	
PowerDVD	CyberLink Corp.	21.05.2009	154,0MB	7.0.4028.0
PSPad editor	Jan Fiala	14.09.2011	14,6MB	
QuickTime	Apple Inc.	15.06.2011	73,7MB	7.69.80.9
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	21.05.2009	11,6MB	6.0.1.5830
Realtek USB 2.0 Card Reader	Realtek Semiconductor Corp.	30.03.2009	6,61MB	6.0.6000.20113
SAMSUNG Mobile Modem Driver Set		23.04.2010		
Samsung Mobile phone USB driver Software		23.04.2010		
SAMSUNG Mobile USB Modem 1.0 Software		23.04.2010		
SAMSUNG Mobile USB Modem Software		23.04.2010		
Samsung PC Studio 3	Samsung Electronics Co., Ltd.	23.04.2010	131,0MB	3.2.1.71207
ScanSoft PaperPort 11	Nuance Communications, Inc.	29.04.2010	130,3MB	11.1.0000
Shape Collage	Shape Collage Inc.	10.01.2011	0,76MB	
SimCity™ Societies Reisewelten	Electronic Arts	20.11.2010	953MB	1.0.0.1
Skype™ 5.6	Skype Technologies S.A.	18.01.2012	19,5MB	5.6.110
SweetIM for Messenger 3.0	SweetIM Technologies Ltd.	07.04.2010	3,89MB	3.0.0004
Synaptics Pointing Device Driver	Synaptics Incorporated	21.05.2009	20,3MB	12.2.2.0
Uninstall 1.0.0.1		18.01.2011	28,6MB	
Web Security Guard with Crawler Toolbar	Crawler, LLC	01.02.2012	15,5MB	
Windows Live Anmelde-Assistent	Microsoft Corporation	29.03.2010	1,93MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	05.01.2011	150,3MB	14.0.8117.0416
Windows Live OneCare safety scanner	Microsoft Corporation	14.04.2010	44,7MB	
Windows Live Sync	Microsoft Corporation	05.01.2011	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	07.04.2009	0,22MB	14.0.8014.1029
WinRAR		08.01.2011	3,79MB	
XAMPP 1.7.5		14.09.2011	394MB
         
4.
OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 05.02.2012 14:42:56 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Nadia\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 79,76% Memory free
6,00 Gb Paging File | 5,61 Gb Available in Paging File | 93,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 186,23 Gb Free Space | 64,59% Space Free | Partition Type: NTFS
 
Computer Name: NADIA-PC | User Name: Nadia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.02 16:45:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nadia\Desktop\OTL.exe
PRC - [2011.12.21 08:42:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.21 08:42:28 | 002,124,760 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2010.03.15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.06.11 23:10:08 | 000,016,768 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2008.03.30 15:22:42 | 000,070,144 | ---- | M] () -- C:\Programme\PSPad editor\PSPadShell.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (McAfee SiteAdvisor Service)
SRV - [2011.06.30 16:01:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.25 08:43:03 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.05.15 21:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.04.29 16:32:32 | 000,118,784 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2009.04.11 03:11:20 | 000,117,256 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Programme\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009.04.01 20:06:02 | 000,054,528 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.02.12 01:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009.02.05 07:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Unknown | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.06.30 16:01:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.30 16:01:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.05.10 07:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010.06.22 03:51:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009.05.11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.01 20:54:44 | 000,050,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2009.03.19 08:06:28 | 004,386,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2009.03.19 06:33:14 | 000,093,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009.03.19 06:18:28 | 004,568,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdpmd32.sys -- (intelkmd)
DRV - [2009.02.21 03:10:00 | 000,153,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.09.25 16:37:40 | 003,666,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.01.21 03:23:27 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008.01.21 03:23:27 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008.01.21 03:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007.05.02 10:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 10:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 10:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2006.07.24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.04.07 21:39:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2012.02.02 20:31:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.11 14:17:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.16 19:39:12 | 000,000,000 | ---D | M]
 
[2010.03.29 20:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadia\AppData\Roaming\mozilla\Extensions
[2012.02.05 12:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions
[2011.02.28 14:57:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.09 07:26:28 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Nadia\AppData\Roaming\mozilla\Firefox\Profiles\bkz9qik5.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.01.11 14:17:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.09 11:22:07 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google-Suche = C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\Nadia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nadia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Nadia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.33 83.169.185.97 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: DhcpNameServer = 83.169.185.33 83.169.185.97 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5707BFAB-1C22-48D6-B5B8-E0846774E567}: DhcpNameServer = 83.169.185.33 83.169.185.97 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.05 14:43:25 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Desktop\OTL
[2012.02.05 14:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.05 14:39:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.05 14:01:38 | 000,000,000 | ---D | C] -- C:\Users\Nadia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2012.02.05 13:06:41 | 000,000,000 | ---D | C] -- C:\Users\Nadia\AppData\Roaming\Malwarebytes
[2012.02.05 13:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.05 13:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.05 13:06:34 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.05 13:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.05 12:56:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.02 20:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar
[2012.02.02 20:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2012.02.02 17:40:26 | 000,000,000 | ---D | C] -- C:\Users\Nadia\AppData\Local\Norman Malware Cleaner
[2012.02.02 16:45:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Nadia\Desktop\OTL.exe
[2012.01.30 19:00:45 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Documents\AnyDVDHD
[2012.01.30 18:51:50 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012.01.30 18:51:49 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012.01.30 18:51:49 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012.01.30 18:51:49 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012.01.30 18:51:49 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012.01.30 18:51:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012.01.30 18:50:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012.01.30 18:49:44 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012.01.30 18:49:04 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012.01.30 18:48:20 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012.01.30 18:39:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012.01.30 18:39:13 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012.01.30 17:57:30 | 000,000,000 | ---D | C] -- C:\CloneDVDTemp
[2012.01.30 17:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2012.01.30 16:56:36 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Desktop\Neuer Ordner (2)
[2012.01.30 16:24:32 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft
[2012.01.30 16:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\SlySoft
[2012.01.30 16:19:48 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Desktop\AnyDVD
[2012.01.30 15:53:53 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Documents\DVDFab Passkey
[2012.01.30 15:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\dvdfab
[2012.01.30 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Desktop\DVDFab
[2012.01.19 19:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.19 19:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.01.19 19:02:00 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.01.12 15:46:13 | 000,000,000 | ---D | C] -- C:\Users\Nadia\Desktop\Neuer Ordner
[2009.05.22 16:58:35 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.05 14:39:05 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.05 14:30:04 | 000,617,456 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.05 14:30:04 | 000,586,568 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.05 14:30:04 | 000,122,258 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.05 14:30:04 | 000,100,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.05 14:25:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.05 14:24:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 14:24:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 14:24:22 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.05 14:18:06 | 000,002,032 | ---- | M] () -- C:\Users\Nadia\AppData\Local\d3d9caps.dat
[2012.02.05 13:06:36 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.02 23:03:55 | 000,464,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.02 16:45:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Nadia\Desktop\OTL.exe
[2012.02.02 12:01:20 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.01.30 21:50:04 | 000,049,152 | ---- | M] () -- C:\Users\Nadia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.15 22:48:48 | 000,283,205 | ---- | M] () -- C:\Users\Nadia\Desktop\Web-Weiterbildung.pdf
[2012.01.11 17:35:25 | 000,035,220 | ---- | M] () -- C:\Users\Nadia\Desktop\de.his.servlet.RequestDispatcherServlet.htm
 
========== Files Created - No Company Name ==========
 
[2012.02.05 14:39:05 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.05 13:06:36 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.30 16:24:25 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.15 22:48:48 | 000,283,205 | ---- | C] () -- C:\Users\Nadia\Desktop\Web-Weiterbildung.pdf
[2012.01.11 17:35:18 | 000,035,220 | ---- | C] () -- C:\Users\Nadia\Desktop\de.his.servlet.RequestDispatcherServlet.htm
[2012.01.11 14:17:01 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.07.14 22:43:23 | 000,000,000 | ---- | C] () -- C:\Users\Nadia\AppData\Local\{02E6A710-921C-4DAE-BB0A-72BAAAA33C11}
[2011.07.04 18:02:01 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2011.01.12 22:33:20 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.12.11 22:36:00 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.15 12:23:42 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.10.13 09:58:53 | 000,000,231 | ---- | C] () -- C:\Windows\POWERPNT.INI
[2010.10.13 09:58:46 | 000,000,064 | ---- | C] () -- C:\Windows\exchng32.ini
[2010.10.13 09:58:46 | 000,000,026 | ---- | C] () -- C:\Windows\datalink.ini
[2010.10.13 09:58:27 | 000,000,032 | ---- | C] () -- C:\Windows\GRAPH5.INI
[2010.10.13 09:58:24 | 000,000,000 | ---- | C] () -- C:\Windows\WINHELP.INI
[2010.10.13 09:56:46 | 000,000,969 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.04.30 17:38:16 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.04.30 17:38:16 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.04.30 16:37:00 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2010.04.30 16:30:29 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.04.24 09:58:45 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.04.24 09:46:22 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.04.08 21:41:19 | 000,002,032 | ---- | C] () -- C:\Users\Nadia\AppData\Local\d3d9caps.dat
[2010.03.29 20:37:52 | 000,049,152 | ---- | C] () -- C:\Users\Nadia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.22 16:55:41 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009.05.22 16:55:41 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009.05.22 16:55:41 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.05.22 16:55:41 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009.05.22 16:55:41 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009.05.22 16:55:41 | 000,000,481 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.05.22 16:55:40 | 000,181,944 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.05.22 07:33:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009.05.22 07:13:09 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2009.05.22 07:11:57 | 000,107,276 | ---- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT
[2009.05.22 07:11:57 | 000,000,712 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2009.05.22 07:11:57 | 000,000,632 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2009.05.22 07:11:57 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009.05.22 07:11:57 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009.05.22 07:11:57 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009.05.22 07:11:57 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009.05.22 07:08:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.04.09 03:33:45 | 000,617,456 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.04.09 03:33:45 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.04.09 03:33:45 | 000,122,258 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.04.09 03:33:45 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.04.08 17:59:33 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.08 17:59:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.01 01:46:06 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.04.01 01:46:06 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.04.01 01:46:05 | 000,000,060 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.04.01 01:46:05 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2008.04.08 13:34:26 | 000,000,427 | ---- | C] () -- C:\Windows\System32\atipblup.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,464,216 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,586,568 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,100,640 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.02.20 19:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1995.08.09 23:00:00 | 000,107,008 | ---- | C] () -- C:\Windows\System32\TTEMB32.DLL
[1995.08.09 23:00:00 | 000,052,736 | ---- | C] () -- C:\Windows\System32\OPENDEU.DLL
[1995.08.09 23:00:00 | 000,010,512 | ---- | C] () -- C:\Windows\System32\VBADE32.DLL
[1995.08.09 23:00:00 | 000,002,041 | ---- | C] () -- C:\Windows\MSFNTMAP.INI
[1995.08.09 23:00:00 | 000,000,586 | ---- | C] () -- C:\Windows\MSTXTCNV.INI
[1995.08.09 23:00:00 | 000,000,280 | ---- | C] () -- C:\Windows\TTEMBED.INI
 
========== LOP Check ==========
 
[2011.10.08 13:16:46 | 000,000,000 | -HSD | M] -- C:\Users\Nadia\AppData\Roaming\.#
[2010.03.30 20:22:09 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Acer
[2009.04.08 19:21:40 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Acer GameZone Console
[2011.10.13 11:47:25 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Canon
[2011.11.09 11:40:22 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\DVDVideoSoft
[2011.11.09 11:39:57 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.03.29 14:15:17 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\EA
[2010.10.07 20:45:32 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\eSobi
[2011.01.11 19:27:39 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\GetRightToGo
[2011.06.24 14:24:26 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\gtk-2.0
[2010.05.31 09:53:28 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\iWin
[2011.03.25 19:07:29 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\KompoZer
[2011.03.25 18:54:49 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\MAGIX
[2010.06.02 21:02:05 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Nvu
[2011.04.24 12:30:31 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\PlayFirst
[2010.04.24 18:30:48 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Samsung
[2010.04.01 16:17:21 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\Subversion
[2011.02.02 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\TS3Client
[2011.08.26 16:46:36 | 000,000,000 | ---D | M] -- C:\Users\Nadia\AppData\Roaming\uTorrent
[2012.02.05 14:24:55 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extra.txt
OTL Logfile:
Code:
OTL Extras logfile created on: 05.02.2012 14:42:56 - Run 4
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Nadia\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,90 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 79,76% Memory free
6,00 Gb Paging File | 5,61 Gb Available in Paging File | 93,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 186,23 Gb Free Space | 64,59% Space Free | Partition Type: NTFS
 
Computer Name: NADIA-PC | User Name: Nadia | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1420DD45-3204-41C1-8F06-D5AB6C56F421}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{1903C0AD-8DCC-4BCA-AF7E-FBCF12AB29AB}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{19A5ADD5-7FB9-4839-B6E9-B2CF4BAA8006}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1FBC2510-1FA0-4DB1-8034-919B515ED2FF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{2EB20170-FA28-499A-B8C0-9FDCA5AAACEA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4295C35A-3C8C-47EF-9FF9-DD7A08C8CD34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4400669A-2A49-45A5-818D-14C79F211D22}" = lport=445 | protocol=6 | dir=in | app=system | 
"{54613943-CE57-4630-BBFD-DB8B72834044}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7F67BBB7-A48E-4142-A4B7-9D3A2F98A9C8}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9550ADD3-516A-43D9-A76A-107AEF8BA826}" = rport=137 | protocol=17 | dir=out | app=system | 
"{9B2BC4F0-246B-4271-8591-6DC10A836EF4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{ACD1746E-3C8D-41BC-AD1A-4DE7E9E44E54}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B58B00E7-E9F9-4A2F-AD31-9EFBD6075752}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{BC505EBB-0167-4C64-B97E-6ED4755BBC9D}" = rport=445 | protocol=6 | dir=out | app=system | 
"{D3E61A8B-9EE8-41D7-9167-691146E4C269}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E58D169E-63D1-4161-BE36-06ACB5EBBF73}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E7CF315E-04E8-4218-98C0-E60D454B2EDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{F4D513ED-D646-47B3-87EF-57D40F4BC053}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F7557EE8-2982-4243-A56E-561E12C0ACB1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{FE8FF7E9-81A9-4CE5-9C43-DC22E2FF2190}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CC17F61-06B8-46F6-900F-30F8558261E5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1213B9CB-AA9E-4520-AA8C-0410E4EB3401}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{2751F58B-DA0B-4764-8A3B-FD5DB20B6095}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3366F917-B26D-4437-97BD-AEFC9AFCD013}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{3FAD6E5C-C8B8-46B8-B817-E93EB4BBAD9F}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{4B4BF783-C45D-4A5B-9D0B-5D285CE93118}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{5C435EB7-4F72-49EA-A961-C743C6DF4473}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{7C97D2E8-F092-4056-9D0B-329D9A5D6181}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{9BF5761E-DFC1-4C43-AB2F-FA4384A04DCB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AE42203B-94F8-4A94-8AC4-A4F96A3F70B0}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{BC6C9AF2-585B-4EBC-9C7C-95524BD39E52}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe | 
"{C2BDD57D-BD5B-41C4-9D77-ACFB9F596E5D}" = dir=in | app=c:\program files\acer\acer vcm\rs_service.exe | 
"{C63DE288-C1AA-43EA-9C18-FD1BCCEE5E31}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{C7DF10A9-D3DD-4EE5-9A19-2C566755C7FA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D6B1DEA8-4728-4C0D-B381-B6DD42F8C1DA}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{E283F950-5417-47B3-AD50-258B0B9E39E7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E6CD5753-17EB-4A65-A593-78CB3396E1B2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{EF71D745-E655-4156-9955-A74FBFC2082B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | 
"TCP Query User{29609449-18CA-4169-806C-CF9D9EB9E87B}C:\users\nadia\desktop\eclipse-java-galileo-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\nadia\desktop\eclipse-java-galileo-sr2-win32\eclipse\eclipse.exe | 
"TCP Query User{2A096C90-455C-4BE0-B5CA-3E874DDD9091}C:\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
"TCP Query User{38B984DC-7BDD-46AA-A95D-47FC54676B4D}C:\program files\java\jdk1.5.0_06\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.5.0_06\jre\bin\java.exe | 
"TCP Query User{3B65C89F-2295-4EEE-8194-61497252200C}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
"TCP Query User{5168824F-29A3-4205-9459-C7CC95BD998E}C:\program files\sega\medieval ii total war\medieval2.exe" = protocol=6 | dir=in | app=c:\program files\sega\medieval ii total war\medieval2.exe | 
"UDP Query User{480DED7D-CA61-4192-8F79-5CC44E0912E6}C:\program files\java\jdk1.5.0_06\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.5.0_06\jre\bin\java.exe | 
"UDP Query User{5E3E8677-ECC0-4560-B652-B26D995615A3}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe | 
"UDP Query User{72829114-373A-49C8-8868-E85AED0DB0C1}C:\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\xampp\mysql\bin\mysqld.exe | 
"UDP Query User{90C16C6E-E37C-41CB-9041-2A175A695C99}C:\program files\sega\medieval ii total war\medieval2.exe" = protocol=17 | dir=in | app=c:\program files\sega\medieval ii total war\medieval2.exe | 
"UDP Query User{E32A028A-C1A6-4FCB-A48A-18CFD874FA6F}C:\users\nadia\desktop\eclipse-java-galileo-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\nadia\desktop\eclipse-java-galileo-sr2-win32\eclipse\eclipse.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0038A75F-1F5B-44FB-AA2F-6C6A4E068B1E}" = PC Draft P.E. Demo
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06DDB8E7-34B2-3BCE-3FE4-CB08D02786A6}" = CCC Help Chinese Standard
"{0B076372-FBD5-0EE3-8BBC-9B783CD32738}" = CCC Help Spanish
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Societies
"{0FC1D9E0-D9AC-CEDE-049A-C7EA22B79670}" = CCC Help Norwegian
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series" = Canon MX880 series MP Drivers
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BF56E7E-5921-CDBE-3FB8-5123B35AA0E1}" = Skins
"{1BFD05CA-4659-0FDB-2806-4D087901052B}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2052043E-700A-BCDF-48ED-C7E77568204F}" = ccc-utility
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{21E30739-C840-5946-8C43-05AF23A110F9}" = CCC Help Korean
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{25D5EF0F-721F-B0D3-77DF-B6D9681630DE}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 26
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{32A3A4F4-B792-11D6-A78A-00B0D0150060}" = J2SE Development Kit 5.0 Update 6
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{3D27B9BF-142E-B7AA-EACB-7FC8B6EEBBAC}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}" = Microsoft Research AutoCollage 2008 version 1.1
"{458B5643-6830-569F-4A18-7EAF31FCD4DE}" = CCC Help Finnish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5736CB-521F-1C43-A442-0C192ED85D4B}" = Catalyst Control Center Core Implementation
"{4F482CDB-862E-FF9A-F86D-EC5612436A6A}" = Catalyst Control Center Localization All
"{51B83F5C-5660-4B73-AB18-C68993FEDEB3}" = Catalyst Control Center - Branding
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{58DAD6DD-10EF-B671-6DC2-0ED54DE38F4C}" = Catalyst Control Center Graphics Full New
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{711E643E-939E-19EB-43A1-AA5EE3BBB648}" = CCC Help Czech
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7D587637-2D88-8E68-14C6-8D4F2031F35E}" = Catalyst Control Center Graphics Previews Vista
"{7E517DC5-116C-757D-A4AE-D02F0BFA9257}" = CCC Help Danish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.0.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8E34E6E3-35E8-A5A1-EC08-1355C3094E23}" = Catalyst Control Center InstallProxy
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{97FB4EFB-0FAE-1DC9-2C3F-FFA947A9CA18}" = CCC Help Japanese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Societies
"{A323DDB1-B841-83F6-C724-ABB7EC52002C}" = CCC Help Italian
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF208106-BB8E-5836-6008-9A83F66390B9}" = CCC Help Turkish
"{B185DB30-AA74-ADF3-7B9A-B54575A440F8}" = CCC Help Russian
"{B34E8F86-CD2A-BC3E-5219-51F024538E0D}" = CCC Help Greek
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{BA045F53-BAC9-7ABB-9B11-019448C01A84}" = ccc-core-static
"{BDACCC61-38CA-CB8D-3492-D853DF44C143}" = CCC Help Dutch
"{BDFA049D-0D5D-5D5E-7846-77596368D60B}" = CCC Help Polish
"{BEB89F69-54E4-0838-CCE1-A2F43FC42A4C}" = CCC Help French
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C64DA060-0205-D503-BD0B-679B84DD49A7}" = Catalyst Control Center Graphics Light
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC1C0A5A-B9A9-24AF-D58C-FC8764E8C1FD}" = Catalyst Control Center Graphics Full Existing
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.79.326
"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Societies Reisewelten
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3DCC04E-2DA1-4280-A9D3-F3BD395C397F}" = Meltho Version 1.20
"{D5F0443B-2EBB-B51A-D497-71F50E6E8D4A}" = CCC Help Hungarian
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DA86B571-BDB9-2FFA-554F-ECA0A79A67EB}" = CCC Help Swedish
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E352F306-9A7C-2373-7D3B-8D5BF6867B22}" = CCC Help German
"{E44E27AA-17F4-9E7D-6132-816420AA9689}" = CCC Help English
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4154AF7-16F9-C6E3-FD79-D56BDB21A027}" = ATI Catalyst Install Manager
"{F6A7F383-24AB-421A-0289-8EE9F812ACA3}" = PX Profile Update
"{F81415D2-CEC9-4F96-9ABA-B2CC5382A930}" = SweetIM for Messenger 3.0
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FFF5F83B-1112-49EF-BABF-C00D2DECC062}" = DSL Connection Manager
"7-Zip" = 7-Zip 9.20
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlueJ_is1" = BlueJ 2.1.2
"Canon MX880 series Benutzerregistrierung" = Canon MX880 series Benutzerregistrierung
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"CToolbar_UNINSTALL" = Web Security Guard with Crawler Toolbar
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"IrfanView" = IrfanView (remove only)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"Nvu_is1" = Nvu 1.0
"OpenTTD" = OpenTTD 1.1.0-RC2
"PSPad editor_is1" = PSPad editor
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ShapeCollage" = Shape Collage
"Speed Dial Utility" = Canon Kurzwahlprogramm
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xampp" = XAMPP 1.7.5
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 30.01.2012 13:01:49 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:01:50 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:01:50 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:01:50 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:01:50 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:04:46 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:04:46 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:04:46 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:04:46 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 30.01.2012 13:04:46 | Computer Name = Nadia-PC | Source = Windows Search Service | ID = 3013
Description = 
 
[ System Events ]
Error - 05.02.2012 09:24:51 | Computer Name = Nadia-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 05.02.2012 09:25:58 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 05.02.2012 09:26:06 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 05.02.2012 09:26:07 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 05.02.2012 09:26:10 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 05.02.2012 09:26:11 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 05.02.2012 09:26:24 | Computer Name = Nadia-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 05.02.2012 09:26:24 | Computer Name = Nadia-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 05.02.2012 09:27:56 | Computer Name = Nadia-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 05.02.2012 09:29:38 | Computer Name = Nadia-PC | Source = DCOM | ID = 10005
Description = 
 
 
< End of report >
         

Regards