Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: der computer ist für die verletzung der gesetze blockiet worden!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.08.2012, 08:12   #1
niti1988
 
der computer ist für die verletzung der gesetze blockiet worden! - Standard

der computer ist für die verletzung der gesetze blockiet worden!



Hallo,

Also ich kenn mich nicht recht gut aus aber ich hab mal den otl scan gemacht und zwei txt. dateien bekommen:
habe gestern den polizeivirus gehabt, und heute habe ich eine systemwiederherstellung gemacht, hat wieder alles funktioniert nur weiß ich nicht ob der virus jetzt noch im pc ist oder nicht kann mir da wer helfen bitte?

Extras.txt

OTL Extras logfile created on: 8/6/2012 8:46:57 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Anita\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

1.93 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 34.17% Memory free
3.86 Gb Paging File | 2.39 Gb Available in Paging File | 61.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280.79 Gb Total Space | 89.50 Gb Free Space | 31.87% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 0.01 Gb Free Space | 0.37% Space Free | Partition Type: FAT32
Drive J: | 2.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ANITA-HP | User Name: Anita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1500055201-2305092131-526482335-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E63C1D-8D05-4E3C-9A2B-69B2434B1B8F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0761C39F-0F02-42E9-A6F3-FE13E2EB5217}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3C8CC9C0-214F-43D8-BC5C-F8F249ED11A1}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B8983AF-E771-4E0A-9963-5B95CBFA80A1}" = lport=139 | protocol=6 | dir=in | app=system |
"{60445DB8-4B22-41D0-8339-07E256E02D14}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{61C36E70-36E2-452B-90BF-CF9BD4040F21}" = rport=445 | protocol=6 | dir=out | app=system |
"{68BD3B5E-BA19-4F55-BBD4-636B5D2B08A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{6F3B8937-2703-46C7-9E89-611E177CAFDB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{85AE2B11-A84C-4790-B3CB-88C327D717B0}" = rport=139 | protocol=6 | dir=out | app=system |
"{87399AB8-98B4-45A5-9ED8-2CAD8BBAFE0F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96B1293E-E083-48E9-A376-936D9C582794}" = lport=138 | protocol=17 | dir=in | app=system |
"{9B213277-6523-4591-BA59-6CC56253A723}" = lport=445 | protocol=6 | dir=in | app=system |
"{C1A68497-F47E-45B8-BAE1-DFBA4DC29EB9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D62188D4-AE1C-4656-B370-4F50E0C91228}" = rport=138 | protocol=17 | dir=out | app=system |
"{FB6B7B3E-FC41-4BE6-BBF9-954DA84FBFDF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE8ECB7B-BC2B-4AE7-BF73-794E340BB77F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04102E85-7B9F-44EF-A9FF-CEF40883472B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1885650D-5B72-4EB6-9557-FAE533C1C9B7}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{1AC0F0AA-D023-46A2-84C9-2AFEA5C21B5C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{24118B07-29C9-44EC-9AC2-A6D2B32BB72E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{28B80893-576C-48E6-ABEB-E9FB647EBA4F}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{2DEF2932-1475-4367-B51A-B8B2F370BDB9}" = protocol=6 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{2ED240DA-8006-4821-959B-CB0A7270F424}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"{37496FF5-AD4B-41D7-80D7-94205680535E}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{53B2501E-8506-49B0-95C4-E09CF431056F}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{615A27E7-B11B-41AB-8394-6C04434D5F3E}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{61B308F7-FE7A-45F9-BCFD-BF5B5A01A30B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{63DF8725-59A3-48AD-AF1C-F74CFB8CB898}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.patch.exe |
"{6F3A50F7-5499-40D0-9372-3464420954C2}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.patch.exe |
"{703CBBFB-83EF-45B7-89A5-C25ACAFF76BD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{768BA583-F15E-4793-B05E-ABCFE1581BC5}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{8BE998E9-F885-480F-B3FC-457715692C63}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8CA6F511-47E2-49E9-90B4-B8D3B453BDDB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{9311A265-5A0F-4AAE-97CA-0B6773F4AFB4}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{97ADDA35-0392-42E8-B79A-BF06283568CC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A82234C1-3A97-4995-ABC3-214AEBC7E08B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A848CE43-F567-4381-9648-CB97A26446F0}" = dir=in | app=c:\users\anita\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{A9F1A5A1-095F-4EC4-888C-792147786BF5}" = protocol=17 | dir=in | app=c:\program files (x86)\mcafee\managed virusscan\agent\myagtsvc.exe |
"{AA0C1ADB-9C62-4CA9-848D-62FC251C80E9}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"{AD192918-F204-4F1C-BAE9-BF5C4E769322}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B49CCACE-0E28-4E35-8C2B-9BEDF3AAEFFE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C664E82C-66E1-4321-AF1D-946A436B2EC9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{CE073DEC-331A-42E0-8B57-8F6D46C35848}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{DEBD91C0-650C-49B6-A3A7-B0C558947863}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"{E3321955-3AEC-414F-AC42-FE34BCB4258F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E5E0AF18-D7C2-416D-8A41-06A66FC26E6B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"TCP Query User{0AF8510E-E8E2-45F7-BB3D-F521EECBB0E5}C:\program files (x86)\atube catcher\yct.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atube catcher\yct.exe |
"TCP Query User{22E25053-F900-4107-8C08-E89E47937BE4}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{3AD5D3F5-9A80-4CBE-84BD-F3C6C7C23BEC}C:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"TCP Query User{3BDAE99F-8D4D-47B6-B0B1-14D2AF82BD46}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{4052483F-AC58-49D8-A81F-BF08DF236465}C:\users\anita\downloads\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\anita\downloads\cityvillebot\cvbot.exe |
"TCP Query User{40E07635-F56A-4155-8B6A-369528C0B989}C:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"TCP Query User{4687FD7F-6ABF-420D-B824-55B326305351}C:\users\anita\appdata\local\temp\rar$ex00.291\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\anita\appdata\local\temp\rar$ex00.291\cityvillebot\cvbot.exe |
"TCP Query User{4F1FF232-5BB1-4C38-9CD2-CD1729C41685}C:\program files (x86)\charles\charles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\charles\charles.exe |
"TCP Query User{55871ABD-B205-4098-A540-FAD82B998618}C:\program files (x86)\free video zilla\fvzilla.exe" = protocol=6 | dir=in | app=c:\program files (x86)\free video zilla\fvzilla.exe |
"TCP Query User{6717B152-B224-4AB4-8612-C94780C2BD1A}C:\program files (x86)\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cityvillebot\cvbot.exe |
"TCP Query User{67A3B968-82B2-4494-B40A-AE5F899BC8F9}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{8628F8DF-60EA-478D-B11E-4716228613F0}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{875608D7-5B91-47AF-9B62-F8173272E852}C:\users\anita\desktop\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\anita\desktop\cityvillebot\cvbot.exe |
"TCP Query User{AF39A942-33CE-4D05-B1EB-CE21F9344D7F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{C292882C-890A-4AD3-9123-7E532CB50414}C:\users\anita\appdata\local\temp\rar$ex00.059\cityvillebot\cvbot.exe" = protocol=6 | dir=in | app=c:\users\anita\appdata\local\temp\rar$ex00.059\cityvillebot\cvbot.exe |
"TCP Query User{CA011C06-006B-4D6D-8D3F-0E94CF188531}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"TCP Query User{FF0A36DA-6309-4ADB-9A99-36C50E2B3781}C:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{00688CF9-CE55-47E1-952F-C33FF05DD236}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{03BC6F65-FF80-43F3-9D4B-7DA0CD74BAED}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe |
"UDP Query User{03E02DE5-A0D3-454E-8233-77C965910280}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{113C7DEC-B501-4DE0-A9C3-1686F9407672}C:\users\anita\desktop\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\anita\desktop\cityvillebot\cvbot.exe |
"UDP Query User{28615E4C-92B2-446D-91DF-39AFB995B079}C:\users\anita\appdata\local\temp\rar$ex00.291\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\anita\appdata\local\temp\rar$ex00.291\cityvillebot\cvbot.exe |
"UDP Query User{3277CD53-4C5B-4926-93B7-8E1B69898BC9}C:\program files (x86)\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cityvillebot\cvbot.exe |
"UDP Query User{3352ACC7-B79A-4A7B-8FA6-FE763F5BA8E2}C:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2609-enus-tools-downloader.exe |
"UDP Query User{3B2829FC-A1C7-4922-A110-A0A6D130BF69}C:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\temp\wow-4.2.1.2617-enus-tools-downloader.exe |
"UDP Query User{4D7F92D1-1AA7-47F8-AE86-A5F86A40201B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{4F720C23-DB2D-40D8-9D1A-23A8D256FD60}C:\program files (x86)\atube catcher\yct.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atube catcher\yct.exe |
"UDP Query User{620DD6C1-24DA-4848-AEA8-49248ED143C7}C:\program files (x86)\free video zilla\fvzilla.exe" = protocol=17 | dir=in | app=c:\program files (x86)\free video zilla\fvzilla.exe |
"UDP Query User{6ABDFD60-B699-4FD7-9CBD-51A82A90A4B8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{CDCAC197-7386-4EC3-9102-A01066AAF70E}C:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe |
"UDP Query User{CFCB15DB-CE9F-40A8-98C0-6C98CE7FD1C5}C:\users\anita\downloads\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\anita\downloads\cityvillebot\cvbot.exe |
"UDP Query User{E7199946-E4E5-468C-B8F2-E14490C1BBE3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{F2052407-5D79-4CC8-922D-DD25872FD7E0}C:\users\anita\appdata\local\temp\rar$ex00.059\cityvillebot\cvbot.exe" = protocol=17 | dir=in | app=c:\users\anita\appdata\local\temp\rar$ex00.059\cityvillebot\cvbot.exe |
"UDP Query User{F92F0183-751F-4A59-8245-1E6F7EF99B5B}C:\program files (x86)\charles\charles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\charles\charles.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{35E7875D-C1E5-4D7D-99AF-07CA5F4250BB}" = NXPowerLite
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1" = Ralink Motorola BC4 Bluetooth 3.0+HS Adapter
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1061DF04-CF33-40B0-8360-D07C9BBEB122}" = HP Wireless Assistant
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206E1EEB-027A-4FC0-B4ED-6E48203BD49A}" = HP ESU for Microsoft Windows 7
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A0FD0E8-7825-468D-8808-A5D63B11777B}" = HP Software Framework
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{436bfd62-0f20-49b6-9a64-3bfbedc4ed67}" = Nero 9 Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BB5E925-A3DD-48C2-9A82-017AF5982FFE}" = Facebook Messenger 2.1.4590.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT3090 802.11b/g/n WiFi Adapter
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Pro" = DAEMON Tools Pro
"DealPly" = DealPly
"DivX Setup.divx.com" = DivX Setup
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IsoBuster_is1" = IsoBuster 2.8.5
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"The KMPlayer" = The KMPlayer (remove only)
"Tobit Radio.fx Server" = Radio.fx
"UltraISO_is1" = UltraISO Premium V9.52
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1500055201-2305092131-526482335-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/25/2012 11:32:16 AM | Computer Name = Anita-HP | Source = CVHSVC | ID = 100
Description = Nur zur Information. Error: BITS connection error Type: 150::InternetConnectionFailure.


Error - 4/25/2012 6:30:42 PM | Computer Name = Anita-HP | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error - 4/26/2012 7:42:01 PM | Computer Name = Anita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 4/26/2012 7:52:27 PM | Computer Name = Anita-HP | Source = CVHSVC | ID = 100
Description = Nur zur Information. Error: BITS connection error Type: 150::InternetConnectionFailure.


Error - 4/26/2012 11:13:08 PM | Computer Name = Anita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 4/26/2012 11:13:08 PM | Computer Name = Anita-HP | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 4/27/2012 7:02:17 PM | Computer Name = Anita-HP | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
in Zeile 2. Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error - 4/28/2012 5:07:43 PM | Computer Name = Anita-HP | Source = CVHSVC | ID = 100
Description = Nur zur Information. Error: BITS connection error Type: 150::InternetConnectionFailure.


Error - 4/29/2012 1:05:46 PM | Computer Name = Anita-HP | Source = Windows Backup | ID = 4104
Description =

Error - 4/29/2012 5:37:54 PM | Computer Name = Anita-HP | Source = CVHSVC | ID = 100
Description = Nur zur Information. Error: BITS connection error Type: 150::InternetConnectionFailure.


[ System Events ]
Error - 8/6/2012 2:02:52 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 8/6/2012 2:02:52 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 8/6/2012 2:02:52 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 8/6/2012 2:02:52 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 8/6/2012 2:02:57 AM | Computer Name = Anita-HP | Source = DCOM | ID = 10005
Description =

Error - 8/6/2012 2:03:48 AM | Computer Name = Anita-HP | Source = DCOM | ID = 10005
Description =

Error - 8/6/2012 2:06:45 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

Error - 8/6/2012 2:06:48 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 8/6/2012 2:06:48 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 8/6/2012 2:09:54 AM | Computer Name = Anita-HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2


< End of report >

OTL.txt

OTL logfile created on: 8/6/2012 8:46:57 AM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Anita\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

1.93 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 34.17% Memory free
3.86 Gb Paging File | 2.39 Gb Available in Paging File | 61.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280.79 Gb Total Space | 89.50 Gb Free Space | 31.87% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 0.01 Gb Free Space | 0.37% Space Free | Partition Type: FAT32
Drive J: | 2.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ANITA-HP | User Name: Anita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Anita\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Macrovision Europe Ltd.)
SRV:64bit: - (Bluetooth Device Manager) -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe (Motorola, Inc.)
SRV:64bit: - (Bluetooth OBEX Service) -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe (Motorola, Inc.)
SRV:64bit: - (Bluetooth Media Service) -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe (Motorola, Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (lxbc_device) -- C:\Windows\SysNative\lxbccoms.exe ( )
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (STacSV) -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe (IDT, Inc.)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (lxbc_device) -- C:\Windows\SysWOW64\lxbccoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (zghsmdm) -- C:\Windows\SysNative\drivers\zghsmdm.sys (ZTE Incorporated)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc)
DRV:64bit: - (BTMUSB) -- C:\Windows\SysNative\drivers\btmusb.sys (Motorola, Inc.)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (BTMNET) -- C:\Windows\SysNative\drivers\btmnet.sys (Motorola, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (btmaudio) -- C:\Windows\SysNative\drivers\btmaud.sys (Motorola, Inc.)
DRV:64bit: - (BTMCOM) -- C:\Windows\SysNative\drivers\btmcom.sys (Motorola, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3419A091-2E44-40B3-A50D-BEA235EBEE82}
IE:64bit: - HKLM\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {3419A091-2E44-40B3-A50D-BEA235EBEE82}
IE - HKLM\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=100474&mntrId=80478b3c000000000000e02a822525a0
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=80478b3c000000000000e02a822525a0
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {3e9a3920-1b27-11da-8cd6-0800200c9a66}:3.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.5.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.13.2.100012
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}:2.0
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Anita\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/09/10 06:59:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/31 14:25:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/31 14:25:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Ge org Internet Manager\Bin\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.6\extensions\\Components: C:\Program Files (x86)\Flock\components [2011/06/23 11:39:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.5.6\extensions\\Plugins: C:\Program Files (x86)\Flock\plugins [2011/07/30 13:25:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 11:26:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/12 21:13:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 11:26:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/12 21:13:41 | 000,000,000 | ---D | M]

[2011/03/03 10:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anita\AppData\Roaming\mozilla\Extensions
[2011/03/03 10:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anita\AppData\Roaming\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/08/04 06:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anita\AppData\Roaming\mozilla\Firefox\Profiles\zllphj7p.default\extensions
[2012/07/07 12:08:44 | 000,000,000 | ---D | M] (PitchDark) -- C:\Users\Anita\AppData\Roaming\mozilla\Firefox\Profiles\zllphj7p.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2012/07/23 14:08:52 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Users\Anita\AppData\Roaming\mozilla\Firefox\Profiles\zllphj7p.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2011/02/03 19:33:47 | 000,001,832 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\bing.xml
[2012/08/04 05:46:31 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-1.xml
[2012/05/12 21:14:54 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-10.xml
[2012/05/15 20:18:36 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-11.xml
[2011/08/17 20:58:44 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-2.xml
[2011/09/02 11:52:31 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-3.xml
[2011/09/13 07:50:42 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-4.xml
[2011/10/12 10:34:05 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-5.xml
[2011/11/10 19:53:41 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-6.xml
[2011/12/22 20:05:59 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-7.xml
[2012/02/02 17:01:00 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-8.xml
[2012/03/14 21:28:17 | 000,000,950 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin-9.xml
[2011/06/22 12:34:14 | 000,001,056 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\icqplugin.xml
[2011/02/03 19:33:45 | 000,009,966 | ---- | M] () -- C:\Users\Anita\AppData\Roaming\Mozilla\Firefox\Profiles\zllphj7p.default\searchplugins\mywebsearch.xml
[2012/06/06 10:45:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/02/10 20:18:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/08/04 06:07:48 | 000,021,524 | ---- | M] () (No name found) -- C:\USERS\ANITA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLLPHJ7P.DEFAULT\EXTENSIONS\LEETHAX@LEETHAX.NET.XPI
[2012/07/19 11:26:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/20 20:12:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/27 08:47:57 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/06/20 20:12:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/20 20:12:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/20 20:12:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/20 20:12:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/20 20:12:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24372355-2731-4E2F-8D17-81FDE2AF7DEF}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63EBB47E-3CF1-4C95-8CAD-5184A5C4CE07}: DhcpNameServer = 10.0.3.1 194.228.41.65 194.228.41.113
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/30 22:53:28 | 000,000,048 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{6c5e4413-459a-11e0-890f-6431506c3935}\Shell - "" = AutoRun
O33 - MountPoints2\{6c5e4413-459a-11e0-890f-6431506c3935}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{8a4f8e88-45a4-11e1-9a0c-e02a822525a0}\Shell - "" = AutoRun
O33 - MountPoints2\{8a4f8e88-45a4-11e1-9a0c-e02a822525a0}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{8a4f8e88-45a4-11e1-9a0c-e02a822525a0}\Shell\readit\command - "" = notepad readme.doc
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/06 08:29:56 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Anita\Desktop\OTL.exe
[2012/08/05 23:07:59 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\hellomoto
[2012/08/03 14:05:06 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{B4142080-AD02-4FAC-A7C2-5ED7E1702CC7}
[2012/08/03 14:01:35 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\Macromedia
[2012/08/03 13:58:29 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/03 13:58:26 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2012/08/03 13:54:36 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{FAF02FCA-9D2F-4F73-B5E6-D480E3B2F3D9}
[2012/08/03 10:18:30 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\TuneUp Software
[2012/08/03 10:18:14 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/08/03 10:18:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/08/03 10:18:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/03 10:11:49 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\OpenCandy
[2012/08/03 10:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2012/08/03 10:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2012/08/01 17:10:14 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{134240C0-60FB-42E4-B630-F5B4A5F45A07}
[2012/07/30 14:56:51 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{3C5C8EED-DAF1-49C5-982D-0F6AAB4DD74F}
[2012/07/30 14:55:34 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{863DED0D-BB44-4D28-9072-C05A59205057}
[2012/07/27 06:19:58 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/07/25 15:31:56 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{D19D8109-0854-4507-ABFC-08EEB23517DA}
[2012/07/24 21:26:18 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{579B0E1F-54D4-490B-8340-F1CE5A2832C3}
[2012/07/24 09:25:14 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{30F579C7-4C84-4F4E-9461-7A8139CBFF3B}
[2012/07/23 20:52:59 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{C2613698-24D2-4A3B-ABD4-3D6B1E2BC2C4}
[2012/07/23 08:52:21 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{35261C4E-CEAD-4849-A131-2BF4A8950721}
[2012/07/22 20:50:51 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{09D93C69-E484-4C6C-8C1C-839B54F78988}
[2012/07/22 20:49:52 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{DF43893B-E122-4524-AC38-7170777B2243}
[2012/07/20 12:46:47 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{C10E3839-62A0-4EEA-81D3-94046B665495}
[2012/07/20 12:45:27 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{F95FA567-B018-4961-8491-95021242F0B9}
[2012/07/19 16:24:40 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\Apple Computer
[2012/07/19 16:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/19 16:23:54 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\GEARAspi64.dll
[2012/07/19 16:23:54 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysWow64\GEARAspi.dll
[2012/07/19 16:23:54 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2012/07/19 16:23:54 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2012/07/19 16:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/19 16:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/19 16:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/07/19 16:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/07/19 16:20:46 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\Apple
[2012/07/19 16:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/07/19 16:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/07/19 16:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/07/19 16:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/07/19 16:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/07/19 16:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/07/19 00:11:40 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{C1BD0F7E-715B-44F6-B09B-BE7DCAB3D272}
[2012/07/19 00:10:34 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{81D5D725-2834-422F-9EA4-C8371E4FB7A5}
[2012/07/12 10:33:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/07/12 10:33:31 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/07/12 10:26:22 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Local\{ED51566B-DAB9-468D-AFC2-B4CFE09BF8A1}
[2012/07/12 09:55:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/07/12 09:55:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/07/12 09:55:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/07/12 09:55:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/07/12 09:54:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/07/12 09:54:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/07/12 09:54:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/07/12 09:54:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/07/12 09:54:57 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/07/12 09:54:57 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/07/12 09:54:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/07/12 09:54:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/07/12 09:54:56 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/07/11 22:03:55 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/07/11 22:03:54 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/07/11 22:03:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2012/07/11 22:03:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2012/07/11 22:02:47 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll

========== Files - Modified Within 30 Days ==========

[2012/08/06 09:00:23 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/06 08:59:09 | 000,001,138 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001UA.job
[2012/08/06 08:30:06 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Anita\Desktop\OTL.exe
[2012/08/06 08:15:06 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/06 08:15:04 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/06 08:13:32 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/06 08:06:49 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/06 08:06:32 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/05 06:07:02 | 000,001,116 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001Core.job
[2012/08/03 15:01:38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/03 15:01:38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/03 13:52:42 | 000,003,728 | ---- | M] () -- C:\bootsqm.dat
[2012/08/03 10:11:41 | 000,001,085 | ---- | M] () -- C:\Users\Anita\Desktop\Cheat Engine.lnk
[2012/07/28 19:39:19 | 001,509,052 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/07/28 19:39:19 | 000,658,390 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/07/28 19:39:19 | 000,619,636 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/07/28 19:39:19 | 000,131,490 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/07/28 19:39:19 | 000,107,698 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/07/25 18:04:35 | 000,321,786 | R--- | M] () -- C:\Users\Anita\Desktop\2009RKL_EPG_AbweichungenvomEherecht_PlenumNR_Final.pdf
[2012/07/19 16:24:29 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/13 14:47:34 | 000,272,842 | R--- | M] () -- C:\Users\Anita\Desktop\Domino_tierABC.pdf
[2012/07/13 14:35:54 | 000,004,096 | -H-- | M] () -- C:\Users\Anita\AppData\Local\keyfile3.drm
[2012/07/12 10:21:10 | 004,938,352 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/08/03 13:58:45 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/03 13:52:42 | 000,003,728 | ---- | C] () -- C:\bootsqm.dat
[2012/08/03 10:11:41 | 000,001,085 | ---- | C] () -- C:\Users\Anita\Desktop\Cheat Engine.lnk
[2012/07/25 18:04:33 | 000,321,786 | R--- | C] () -- C:\Users\Anita\Desktop\2009RKL_EPG_AbweichungenvomEherecht_PlenumNR_Final.pdf
[2012/07/19 16:24:29 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/19 16:20:36 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/07/13 14:47:33 | 000,272,842 | R--- | C] () -- C:\Users\Anita\Desktop\Domino_tierABC.pdf
[2012/07/13 14:35:54 | 000,004,096 | -H-- | C] () -- C:\Users\Anita\AppData\Local\keyfile3.drm
[2012/06/10 20:43:56 | 000,210,032 | ---- | C] () -- C:\windows\SysWow64\DBCLIENT.DLL
[2012/05/05 19:18:27 | 000,000,290 | ---- | C] () -- C:\windows\Lexstat.ini
[2012/05/05 19:17:35 | 000,995,328 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcusb1.dll
[2012/05/05 19:17:35 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcpmui.dll
[2012/05/05 19:17:35 | 000,413,696 | ---- | C] () -- C:\windows\SysWow64\lxbcutil.dll
[2012/05/05 19:17:35 | 000,413,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcinpa.dll
[2012/05/05 19:17:35 | 000,397,312 | ---- | C] ( ) -- C:\windows\SysWow64\lxbciesc.dll
[2012/05/05 19:17:35 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\LXBCinst.dll
[2012/05/05 19:17:34 | 001,224,704 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcserv.dll
[2012/05/05 19:17:34 | 000,696,320 | ---- | C] ( ) -- C:\windows\SysWow64\lxbchbn3.dll
[2012/05/05 19:17:34 | 000,684,032 | ---- | C] ( ) -- C:\windows\SysWow64\lxbccomc.dll
[2012/05/05 19:17:34 | 000,585,728 | ---- | C] ( ) -- C:\windows\SysWow64\lxbclmpm.dll
[2012/05/05 19:17:34 | 000,537,520 | ---- | C] ( ) -- C:\windows\SysWow64\lxbccoms.exe
[2012/05/05 19:17:34 | 000,421,888 | ---- | C] ( ) -- C:\windows\SysWow64\lxbccomm.dll
[2012/05/05 19:17:34 | 000,385,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcih.exe
[2012/05/05 19:17:34 | 000,381,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxbccfg.exe
[2012/05/05 19:17:34 | 000,181,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcppls.exe
[2012/05/05 19:17:34 | 000,163,840 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcprox.dll
[2012/05/05 19:17:34 | 000,094,208 | ---- | C] ( ) -- C:\windows\SysWow64\lxbcpplc.dll
[2012/04/30 22:23:56 | 000,000,489 | ---- | C] () -- C:\Users\Anita\Toshiba HDD (H) - Verknüpfung.lnk
[2012/03/22 20:27:35 | 000,062,558 | ---- | C] () -- C:\Users\Anita\3221134942_00c66c2eb1.jpg
[2012/01/25 18:10:06 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2011/11/21 11:55:35 | 000,507,469 | R--- | C] () -- C:\Users\Anita\Pinguin_Picknick-Anleitung.pdf
[2011/07/30 21:48:44 | 000,000,032 | -HS- | C] () -- C:\Users\Anita\AppData\Roaming\{b9c903e0-c592-11df-851a-0800200c9a66}.dat
[2011/07/30 13:20:09 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2011/06/15 20:50:25 | 000,015,360 | ---- | C] () -- C:\Users\Anita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/23 11:03:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MIDI Configurations
[2011/03/23 11:03:32 | 000,000,268 | RH-- | C] () -- C:\Users\Anita\AppData\Roaming\Light Machine
[2011/03/23 11:03:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2011/03/23 11:02:23 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Logs
[2011/03/23 11:02:23 | 000,000,268 | RH-- | C] () -- C:\Users\Anita\AppData\Roaming\Libraries
[2011/03/23 11:02:23 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011/02/17 20:58:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/31 12:55:42 | 001,529,464 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/12/05 06:23:50 | 000,014,051 | ---- | C] () -- C:\windows\SysWow64\RaCoInst.dat

========== LOP Check ==========

[2011/11/25 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Anarchy
[2011/10/27 08:47:54 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Babylon
[2011/02/07 20:35:28 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Canneverbe Limited
[2011/02/17 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Charles
[2011/09/21 21:16:11 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Cocoon Software
[2011/07/29 16:41:21 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\com.socialbox.socialbox
[2012/01/24 20:14:56 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\DAEMON Tools Pro
[2011/08/08 22:16:35 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\DVDVideoSoft
[2011/08/08 22:16:28 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/06/23 11:39:29 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Flock
[2011/07/24 13:15:53 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Friday's games
[2011/03/02 09:14:08 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\FVZilla
[2011/02/24 16:40:51 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Ge org Internet Manager
[2011/10/27 08:53:33 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\GetRightToGo
[2012/08/05 23:08:07 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\hellomoto
[2012/06/30 22:36:19 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\ICQ
[2011/01/31 14:25:32 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Local
[2011/11/27 19:42:45 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\MPEG Streamclip
[2012/06/10 20:46:42 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\mresreg
[2011/03/23 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Nikon
[2012/08/03 10:11:49 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\OpenCandy
[2011/02/19 13:08:24 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\OpenOffice.org
[2011/02/28 20:12:54 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Petrax Software
[2011/08/23 09:28:20 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Phantasmat_intenium_se
[2011/03/23 10:28:54 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Samsung
[2012/07/18 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\SoftGrid Client
[2012/08/03 14:05:20 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Spotify
[2011/10/27 08:48:01 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\SumatraPDF
[2012/01/25 18:11:55 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Tobit
[2011/01/31 12:59:48 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\TP
[2011/08/14 21:53:11 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\TS3Client
[2011/02/28 18:23:49 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\TubeBox
[2012/08/03 14:30:05 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\TuneUp Software
[2011/02/28 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Windows Live Writer
[2011/11/27 19:38:42 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\XMedia Recode
[2012/08/05 06:07:02 | 000,001,116 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001Core.job
[2012/08/06 08:59:09 | 000,001,138 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001UA.job
[2012/04/23 21:04:54 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:9AEE100C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:94A19129

< End of report >

Alt 06.08.2012, 16:00   #2
t'john
/// Helfer-Team
 
der computer ist für die verletzung der gesetze blockiet worden! - Standard

der computer ist für die verletzung der gesetze blockiet worden!





Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3419A091-2E44-40B3-A50D-BEA235EBEE82} 
IE:64bit: - HKLM\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 
IE - HKLM\..\URLSearchHook: - No CLSID value found 
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found 
IE - HKLM\..\SearchScopes,DefaultScope = {3419A091-2E44-40B3-A50D-BEA235EBEE82} 
IE - HKLM\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox 
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found 
IE - HKU\.DEFAULT\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found 
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0} 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-18\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found 
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0} 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&affID=100474&mntrId=80478b3c000000000000e02a822525a0 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100474&mntrId=80478b3c000000000000e02a822525a0 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{3419A091-2E44-40B3-A50D-BEA235EBEE82}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" 
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=" 
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot" 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: "" 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1" 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: "" 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: "" 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0 
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 0 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1" 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: "" 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: "" 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1" 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888 
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1 
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q=" 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files (x86)\FunWebProducts\Installr\2.bin\NPFunWeb.dll File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll File not found 
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found. 
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found. 
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. 
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found. 
O3 - HKU\S-1-5-21-1500055201-2305092131-526482335-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found 
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found 
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites) 
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) 
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2010/04/30 22:53:28 | 000,000,048 | R--- | M] () - J:\autorun.inf -- [ UDF ] 
O33 - MountPoints2\{6c5e4413-459a-11e0-890f-6431506c3935}\Shell - "" = AutoRun 
O33 - MountPoints2\{6c5e4413-459a-11e0-890f-6431506c3935}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a 
O33 - MountPoints2\{8a4f8e88-45a4-11e1-9a0c-e02a822525a0}\Shell - "" = AutoRun 
O33 - MountPoints2\{8a4f8e88-45a4-11e1-9a0c-e02a822525a0}\Shell\AutoRun\command - "" = D:\autorun.exe 

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:9AEE100C 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:94A19129 

[2011/10/27 08:47:54 | 000,000,000 | ---D | M] -- C:\Users\Anita\AppData\Roaming\Babylon 
[2012/08/05 23:07:59 | 000,000,000 | ---D | C] -- C:\Users\Anita\AppData\Roaming\hellomoto 
[2012/08/06 09:00:23 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job 
[2012/08/06 08:59:09 | 000,001,138 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001UA.job 
[2012/08/06 08:13:32 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012/08/06 08:06:49 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job 

[2012/08/05 06:07:02 | 000,001,116 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1500055201-2305092131-526482335-1001Core.job 

 
:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
         
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________

__________________

Alt 23.08.2012, 00:02   #3
t'john
/// Helfer-Team
 
der computer ist für die verletzung der gesetze blockiet worden! - Standard

der computer ist für die verletzung der gesetze blockiet worden!



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
__________________

Antwort

Themen zu der computer ist für die verletzung der gesetze blockiet worden!
7-zip, autorun, avira, bho, computer, dealply, der computer ist für die verletzung, der computer ist für die verletzung der gesetze blockiet worden, error, excel, fehler, flash player, format, google, google earth, home, install.exe, jdownloader, logfile, microsoft office starter 2010, mozilla, plug-in, realtek, registry, richtlinie, rundll, scan, search the web, security, server, software, svchost.exe, systemwiederherstellung gemacht, tcp, udp, usb, windows



Ähnliche Themen: der computer ist für die verletzung der gesetze blockiet worden!


  1. Polizei-Virus (Der Computer ist für die Verletzung der Gesetze der Rebublik Österreich blockiert worden)
    Log-Analyse und Auswertung - 16.12.2012 (12)
  2. der-computer-ist-fur-die-verletzung-der-gesetze-der-republik-osterreich-blockiert-worden???
    Plagegeister aller Art und deren Bekämpfung - 30.10.2012 (21)
  3. der-computer-ist-fur-die-verletzung-der-gesetze-der-republik-osterreich-blockiert-worden
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (5)
  4. BKA TROJANER: Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2012 (3)
  5. BKA TROJANER _ Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 26.09.2012 (2)
  6. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden
    Log-Analyse und Auswertung - 20.09.2012 (6)
  7. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 19.09.2012 (3)
  8. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 15.09.2012 (20)
  9. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Log-Analyse und Auswertung - 09.09.2012 (10)
  10. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 09.09.2012 (2)
  11. AW: Der Computer ist für die Verletzung der Gesetze der Republik Deutschland blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 27.08.2012 (19)
  12. "Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden".
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (2)
  13. Der Computer ist für die Verletzung der Gesetze der Republik Österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 23.08.2012 (3)
  14. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden.
    Log-Analyse und Auswertung - 14.08.2012 (11)
  15. Der Computer ist für die Verletzung der Gesetze der Republik Österreich gesperrt worden.
    Log-Analyse und Auswertung - 11.08.2012 (2)
  16. Trojaner "der computer ist für die verletzung der gesetze der republik österreich blockiert worden"
    Log-Analyse und Auswertung - 10.08.2012 (1)
  17. der computer ist für die verletzung der gesetze der republik österreich blockiert worden
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (6)

Zum Thema der computer ist für die verletzung der gesetze blockiet worden! - Hallo, Also ich kenn mich nicht recht gut aus aber ich hab mal den otl scan gemacht und zwei txt. dateien bekommen: habe gestern den polizeivirus gehabt, und heute habe - der computer ist für die verletzung der gesetze blockiet worden!...
Archiv
Du betrachtest: der computer ist für die verletzung der gesetze blockiet worden! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.