| |
| |||||||
Log-Analyse und Auswertung: Onlinebanking Postbank durch Trojaner blockiertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.05.2013, 21:39
| #1 |
 |  Onlinebanking Postbank durch Trojaner blockiert Ich komme nicht mehr ins Onlinebanking der Postbank. Immer wenn ich die Onlineseite starte und mich eingeloggt habe, verlangt das System die Eingabe einer Tan-Nummer. Diese bekomme ich dann auch umgehend auf mein Handy geschickt. Und zwar, um eine Überweisung bei der Western Union über 450 Euro auszuführen. Habe ich natürlich nicht gemacht. Nach Recherche im Internet weist die Postbank auf Trojaner hin, die bei Aktivierung des Postbankonlinebankings auf eine andere Seite lotsen, die haargenau so aussieht. Ich habe dann mehrere Antivirusprogramme laufen lassen und die Probleme, die die Programme anzeigten, entfernt. Der Rechner wurde dann zwar wieder schneller, das Postbankproblem bleibt aber. Dementsprechend muß der Trojaner noch vorhanden sein. Wie bekomme ich dieses Mistding wieder los? Hier mein OTL-Editor:OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.05.2013 21:42:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Guido\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,99 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 42,35% Memory free 6,21 Gb Paging File | 4,29 Gb Available in Paging File | 69,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 64,96 Gb Free Space | 14,25% Space Free | Partition Type: NTFS Computer Name: GUIDO-PC | User Name: Guido | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Guido\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) PRC - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) PRC - C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) PRC - C:\Program Files\BlueStacks\HD-SharedFolder.exe (BlueStack Systems) PRC - C:\Program Files\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) PRC - C:\Program Files\BlueStacks\HD-Network.exe (BlueStack Systems) PRC - C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc) PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.) PRC - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe (Nitro PDF Software) PRC - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software) PRC - C:\Users\Guido\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Program Files\FS\Spyro Portal\FlashPortal.exe (FS) PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (Freemake) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe () PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) PRC - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe (Acer Incorporated) PRC - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) PRC - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe (Acer Incorporated) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe () PRC - C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe (Lexmark International, Inc.) PRC - C:\Program Files\Lexmark X1100 Series\LXBKbmon.exe (Lexmark International, Inc.) PRC - C:\Windows\System32\lxbkcoms.exe ( ) PRC - C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\a1fe8589d1da1fca2fb44d351fe0598f\HD-Agent.ni.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\88d16c876f27d3d2276494202c830597\JSON.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3da65115bf9debbf564861f6b123a2e4\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e9ea3e70247b4aa4a8b260426db3aa6b\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll () MOD - C:\Windows\PLFSetI.exe () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3440.38412__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3440.38483__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3440.38394__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3440.38413__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3440.38464__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3440.38446__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3440.38408__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3440.38437__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3440.38403__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3440.38439__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3440.38414__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3440.38404__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3440.38459__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3440.38451__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3440.38414__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3440.38483__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3440.38451__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3440.38444__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3440.38438__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3440.38403__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3440.38450__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3440.38484__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3440.38482__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3440.38418__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3440.38443__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3440.38438__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3440.38433__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3440.38445__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3440.38418__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3400.34760__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3400.34770__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3440.38437__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3400.34782__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3400.34781__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3400.34788__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3440.38438__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3400.34755__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3440.38445__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3400.34756__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3400.34807__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3400.34788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3400.34779__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3400.34768__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3400.34781__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3400.34770__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3400.34764__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3400.34778__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3400.34767__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3400.34762__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3400.34774__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3400.34789__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3400.34767__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3400.34779__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3400.34778__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3400.34777__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3400.34792__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3400.34791__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3400.34775__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3400.34791__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3440.38506__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3440.38472__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3440.38408__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3440.38478__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3440.38476__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3400.34783__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3440.38393__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3440.38392__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3400.34781__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3400.34780__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3400.34776__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3440.38488__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3400.34762__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3400.34782__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3400.34764__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3400.34773__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3400.34778__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3400.34776__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3400.34776__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3400.34766__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3400.34775__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3400.34774__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3400.34775__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3400.34767__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3440.38390__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3440.38399__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3440.38392__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3440.38390__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3400.34772__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3400.34783__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3440.38478__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll () MOD - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll () MOD - C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe () MOD - C:\Program Files\Steganos Safe OEM\wxbase28uh_net_vc.dll () MOD - C:\Program Files\Steganos Safe OEM\wxmsw28uh_core_vc.dll () MOD - C:\Program Files\Steganos Safe OEM\wxbase28uh_vc.dll () MOD - C:\Program Files\Steganos Safe OEM\wxmsw28uh_adv_vc.dll () MOD - C:\Program Files\Steganos Safe OEM\wxmsw28uh_html_vc.dll () MOD - C:\Program Files\Steganos Safe OEM\ShellExtension.dll () MOD - C:\Program Files\Common Files\Ulead Systems\AutoDetector\DetMethod.dll () MOD - C:\Program Files\Launch Manager\PowerUtl.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.) SRV - (NitroDriverReadSpool8) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe (Nitro PDF Software) SRV - (NitroReaderDriverReadSpool3) -- C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe (Nitro PDF Software) SRV - (SpyroService) -- C:\Program Files\FS\Spyro Portal\FlashPortal.exe (FS) SRV - (FreemakeVideoCapture) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (Freemake) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe () SRV - (ePowerSvc) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (NTI IScheduleSvc) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.) SRV - (CLHNService) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (lxbk_device) -- C:\Windows\System32\lxbkcoms.exe ( ) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (s1029unic) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation) DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation) DRV - (s1029bus) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation) DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation) DRV - (s1029mgmt) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation) DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation) DRV - (s1029nd5) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.) DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.) DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (SLEE_16_DRIVER) -- C:\Windows\System32\drivers\sleen16.sys (Softwareentwicklung Remus - ArchiCrypt ) DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV - (AF05BDA) -- C:\Windows\System32\drivers\AF05BDA.sys (AfaTech ) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_5738 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_5738 IE - HKLM\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=811&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=1612065716524915&q={searchTerms} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9003017034694632&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_5738 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.freenet.de/ IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de___DE346 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_de___DE346&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=811&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=1612065716524915&q={searchTerms} IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=341&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9003017034694632&q={searchTerms} IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_38: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF.PrevVerNPR: C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Guido\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2012.10.28 14:52:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2012.10.28 14:52:08 | 000,000,000 | ---D | M] [2012.04.13 00:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions ========== Chrome ========== CHR - homepage: hxxp://search.bearshare.net CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://search.bearshare.net CHR - Extension: No name found = C:\Users\Guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\ CHR - Extension: No name found = C:\Users\Guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0\ CHR - Extension: No name found = C:\Users\Guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.4.5_0\ CHR - Extension: No name found = C:\Users\Guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.4_0\ CHR - Extension: No name found = C:\Users\Guido\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.4_0\funmoods\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc) O2 - BHO: (DataMngr) - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc) O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Search Results Toolbar\Datamngr\datamngrUI.exe (Bandoo Media Inc) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [SAFEOEM HotKeys] C:\Program Files\Steganos Safe OEM\SteganosHotKeyService.exe () O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000..\Run: [IExplorer Util] C:\Users\Guido\AppData\Roaming\ie_util.exe File not found O4 - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000..\Run: [Ogyxidi] C:\Users\Guido\AppData\Roaming\Hioxa\ymniz.exe (Sysinternals - www.sysinternals.com) O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 File not found O9 - Extra Button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programs\PartyGaming\PartyGammon\RunBackGammon.exe File not found O9 - Extra 'Tools' menuitem : PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programs\PartyGaming\PartyGammon\RunBackGammon.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2479292056-3449645492-3974709493-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab (Java Plug-in 1.6.0_38) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86BD7927-8685-4264-AEA4-A69B37407E66}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C50B5E64-FEB9-43A5-8D7F-A5168348F856}: DhcpNameServer = 192.168.2.1 O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~2\Datamngr\datamngr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\datamngr.dll (Bandoo Media Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media Inc) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2008666a-9ed7-11de-8881-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{2008666a-9ed7-11de-8881-001f16b5c5b1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{20f1377e-e760-11df-9ba2-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{20f1377e-e760-11df-9ba2-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{3c4f97b7-195e-11e0-bd12-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{3c4f97b7-195e-11e0-bd12-001f16b5c5b1}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{464d1fad-220f-11e0-ba4f-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{464d1fad-220f-11e0-ba4f-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{464d1fae-220f-11e0-ba4f-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{464d1fae-220f-11e0-ba4f-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{681d63cc-cc17-11e1-9504-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{681d63cc-cc17-11e1-9504-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe O33 - MountPoints2\{72fa5ee9-e04b-11df-b792-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{72fa5ee9-e04b-11df-b792-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{97626f6b-e2c7-11df-aa36-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{97626f6b-e2c7-11df-aa36-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{9c8276c6-aeca-11de-84ea-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9c8276c6-aeca-11de-84ea-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b9e5ca46-fbcd-11df-b074-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{b9e5ca46-fbcd-11df-b074-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{c896d5c9-9e97-11de-a00c-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{c896d5c9-9e97-11de-a00c-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c896d5ea-9e97-11de-a00c-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{c896d5ea-9e97-11de-a00c-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c896d626-9e97-11de-a00c-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{c896d626-9e97-11de-a00c-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c896d65c-9e97-11de-a00c-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{c896d65c-9e97-11de-a00c-001f16b5c5b1}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{c896d65e-9e97-11de-a00c-001f16b5c5b1}\Shell - "" = AutoRun O33 - MountPoints2\{c896d65e-9e97-11de-a00c-001f16b5c5b1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ea077e4d-020e-11e0-bdb3-028037ec0200}\Shell - "" = AutoRun O33 - MountPoints2\{ea077e4d-020e-11e0-bdb3-028037ec0200}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{ea077e4f-020e-11e0-bdb3-028037ec0200}\Shell - "" = AutoRun O33 - MountPoints2\{ea077e4f-020e-11e0-bdb3-028037ec0200}\Shell\AutoRun\command - "" = E:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.05.22 21:06:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Guido\Desktop\OTL.exe [2013.05.20 15:46:49 | 000,000,000 | ---D | C] -- C:\Users\Guido\untere Wohnung [2013.05.17 16:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks [2013.05.17 16:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\BlueStacks [2013.05.17 16:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup [2013.05.17 16:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks [2013.05.14 17:35:21 | 000,000,000 | ---D | C] -- C:\Users\Guido\AppData\Roaming\Ivly [2013.05.14 17:35:21 | 000,000,000 | ---D | C] -- C:\Users\Guido\AppData\Roaming\Ilvy [2013.05.14 17:35:21 | 000,000,000 | ---D | C] -- C:\Users\Guido\AppData\Roaming\Hioxa [2013.05.09 14:09:36 | 000,000,000 | ---D | C] -- C:\Users\Guido\AppData\Local\libimobiledevice [2013.04.29 21:13:08 | 000,000,000 | ---D | C] -- C:\Users\Guido\Onkel Dieter 3 [2013.04.29 21:09:14 | 000,000,000 | ---D | C] -- C:\Users\Guido\Onkel Dieter 2 [2013.04.29 21:02:56 | 000,000,000 | ---D | C] -- C:\Users\Guido\Onkel Dieter 1 [2011.04.17 20:05:38 | 000,695,296 | R--- | C] (AnjoCaido) -- C:\Users\Guido\Minecraft.exe [2007.08.13 18:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Guido\AppData\Local\CDRip.dll [2007.01.18 22:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Guido\AppData\Local\No23 Recorder.exe [2006.12.11 20:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Guido\AppData\Local\basscd.dll [2006.12.11 20:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Guido\AppData\Local\bass.dll ========== Files - Modified Within 30 Days ========== [2013.05.22 21:40:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.22 21:25:18 | 000,002,591 | ---- | M] () -- C:\Users\Guido\Desktop\Microsoft Office Word 2007.lnk [2013.05.22 21:06:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Guido\Desktop\OTL.exe [2013.05.22 21:01:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.22 20:58:32 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.22 20:58:32 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.22 20:58:32 | 000,126,704 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.22 20:58:32 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.22 20:54:35 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.22 20:51:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.22 20:51:11 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.22 20:51:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.22 20:47:38 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.05.21 16:33:40 | 000,002,633 | ---- | M] () -- C:\Users\Guido\Desktop\Microsoft Office PowerPoint 2007.lnk [2013.05.18 12:40:52 | 000,007,160 | ---- | M] () -- C:\Users\Guido\AppData\Local\d3d9caps.dat [2013.05.17 16:49:38 | 000,001,640 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2013.05.16 03:32:23 | 000,406,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.12 23:02:07 | 000,003,072 | ---- | M] () -- C:\Users\Guido\AppData\Roaming\fotobook Designer Prefsv3 [2013.05.10 22:27:18 | 000,145,920 | ---- | M] () -- C:\Users\Guido\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.09 19:19:22 | 000,002,593 | ---- | M] () -- C:\Users\Guido\Desktop\Microsoft Office Excel 2007.lnk [2013.05.01 09:02:45 | 000,002,722 | ---- | M] () -- C:\Users\Guido\AppData\Local\recently-used.xbel ========== Files Created - No Company Name ========== [2013.05.17 16:49:38 | 000,001,640 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk [2013.05.01 09:02:45 | 000,002,722 | ---- | C] () -- C:\Users\Guido\AppData\Local\recently-used.xbel [2013.04.17 21:39:06 | 000,003,072 | ---- | C] () -- C:\Users\Guido\AppData\Roaming\fotobook Designer Prefsv3 [2012.11.01 13:00:37 | 000,412,640 | ---- | C] () -- C:\Users\Guido\Unbenannt.xcf [2012.03.11 18:29:16 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll [2011.12.01 10:00:17 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe [2010.11.18 22:47:54 | 000,000,930 | ---- | C] () -- C:\ProgramData\AF9005 BDA Tuner Filter.DTV [2010.09.18 11:53:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.05 03:05:06 | 000,001,463 | ---- | C] () -- C:\Users\Guido\AppData\Local\RecConfig.xml [2009.10.02 23:40:52 | 000,007,160 | ---- | C] () -- C:\Users\Guido\AppData\Local\d3d9caps.dat [2009.09.10 18:27:24 | 000,145,920 | ---- | C] () -- C:\Users\Guido\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.08.13 18:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Guido\AppData\Local\lame_enc.dll [2006.10.26 02:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Guido\AppData\Local\vorbisenc.dll [2006.10.26 02:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Guido\AppData\Local\vorbisfile.dll [2006.10.26 02:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Guido\AppData\Local\vorbis.dll [2006.10.26 02:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Guido\AppData\Local\ogg.dll [2005.08.23 23:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Guido\AppData\Local\no23xwrapper.dll ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010.11.23 18:49:09 | 000,000,000 | -HSD | M] -- C:\Users\Guido\AppData\Roaming\.# [2013.05.21 09:51:09 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\.minecraft [2009.07.26 17:29:35 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Acer GameZone Console [2013.03.03 12:34:30 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Audacity [2013.03.09 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\BOM [2012.06.09 14:20:53 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Canneverbe Limited [2012.07.24 17:40:42 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Canon [2013.03.21 22:10:43 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\cef-cache [2012.12.28 22:11:06 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Downloaded Installations [2012.11.29 21:01:04 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\DVDVideoSoft [2012.07.10 12:42:06 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\elsterformular [2009.11.02 16:17:09 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\eSobi [2012.12.28 21:36:21 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\FileOpen [2013.04.17 21:37:47 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\fotobook Designer [2010.11.16 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\GetRightToGo [2013.05.14 17:35:21 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Hioxa [2013.05.14 17:35:21 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Ilvy [2013.05.21 16:31:09 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Ivly [2013.03.17 10:14:25 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\MusicNet [2013.01.04 19:13:59 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\MyPhoneExplorer [2013.02.04 16:00:41 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Nitro [2013.04.14 16:09:22 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Nitro PDF [2012.11.29 21:00:57 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\OpenCandy [2013.01.06 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\pacman3d [2012.09.26 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Party [2013.01.06 17:11:07 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\pax_full.exe [2012.12.29 16:36:22 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\pdfforge [2010.03.10 10:48:49 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\PowerCinema [2010.03.10 10:48:56 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\SoftDMA [2012.12.29 16:53:39 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Steganos [2012.10.28 14:52:18 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\TuneUp Software [2009.10.04 14:12:04 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Ulead Systems [2012.07.03 20:01:16 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Unity [2013.03.23 23:34:45 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\UseNeXT [2013.01.06 17:54:22 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Wildlife Park 2 [2013.01.06 17:56:35 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Wildlife Park 2 - Abenteuer auf der Ranch [2012.06.05 22:36:40 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\Windows Live Writer [2012.07.08 13:08:11 | 000,000,000 | ---D | M] -- C:\Users\Guido\AppData\Roaming\WordToPDF [2012.09.21 18:46:52 | 000,000,000 | ---D | M] -- C:\Users\Sicherheit\AppData\Roaming\PowerCinema ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:798A3728 @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:CE0A077E < End of report > und der Extras-Editor:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.05.2013 21:42:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Guido\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 42,35% Memory free
6,21 Gb Paging File | 4,29 Gb Available in Paging File | 69,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 64,96 Gb Free Space | 14,25% Space Free | Partition Type: NTFS
Computer Name: GUIDO-PC | User Name: Guido | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Classes\<extension>]
.html [@ = TorchHTML.WNQRDRLHKAYAJCSGB2H6BDIYMY] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22444459-4761-48BA-9F45-72CE345E7145}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{299645F0-2C24-433F-A9AB-1F055ED717A9}" = rport=138 | protocol=17 | dir=out | app=system |
"{3EB4D2A5-D551-4B0C-AEB5-1B1AFA2EE6EA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4597D81B-E5DA-4DB3-A631-9504447402CF}" = lport=138 | protocol=17 | dir=in | app=system |
"{46A49843-EFD4-40C4-9812-C53BE4BE8C63}" = rport=137 | protocol=17 | dir=out | app=system |
"{48AA549E-6CB0-4437-8710-4CD34C97179D}" = rport=139 | protocol=6 | dir=out | app=system |
"{611E7233-5E8E-4843-962C-88553C598FE7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{64D2B997-7C5A-4BBE-8EA8-B8A5B455C4F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{697F4D32-0BA2-42B2-8463-5547AD1FE41E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76555E63-CBD8-4C74-B5E1-B7E3320BFF7C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{78DF719F-29FF-4115-AAEF-C2F2527FE1BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F086BA4-E5EE-4191-BF94-0F6A6CC71746}" = rport=445 | protocol=6 | dir=out | app=system |
"{83F672E8-4266-42CB-83C2-3BE20A9E52BA}" = lport=137 | protocol=17 | dir=in | app=system |
"{8EABF21C-7A43-4700-AF27-FBC7FEFD0FC5}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99C2450F-E428-40FE-9DEC-9DC3729ED491}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A18F001B-CD46-45CB-B8A2-5E8BD48CAFFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A5076E40-C470-4A04-829B-D3F877330A3B}" = lport=445 | protocol=6 | dir=in | app=system |
"{AA0B5545-2E9D-4B59-85A4-21B68A0FA270}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6D4711C-47CC-468A-9941-9BDF3BCD1543}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C06E7E2D-2EBC-4995-870F-720061610CA3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EB066731-22CC-4520-803F-A34E50F4130C}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B8DF27F-B59B-478C-A9C2-774AE31F5427}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0D505F0F-38D8-44DE-BDF6-638A98531CFA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{244296A5-6088-4A4E-8A24-715467AFA15D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{382DF885-C275-4018-A0DF-F5FC0B388BF6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3B36DB5A-3407-4D96-A4BF-24F6B30F3CA3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3C646190-E672-44DB-8BEE-5C881361777C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3FCF5EA5-376D-4B33-8859-8D913A9AD1E2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4402DD63-92A1-4298-B39C-DF3856A5C25E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{44416420-7649-4DE0-9A31-62F42ACA0AC5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{52EEA51E-D15A-4B10-A45D-A4AF2AF29ED6}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{55A2FE4C-D4D1-48E4-A9B0-4DCF48B64850}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{565654F8-F40D-4390-93C6-8058E1ACD914}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{590C0619-0518-4595-8DDF-19EF077A6A17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59D7ECC3-1D25-4D86-A5C5-E7571576410B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{61F64626-C418-4AB6-A7DB-0F2C3C103EBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6C675CFB-6DD6-4134-8D74-E67B719EABF2}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{6E3A109D-AC1A-485F-800A-32582D09EFA8}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{763F5E67-36E2-44FA-B037-B18A2F7547F6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8D514C19-9B7F-4B3D-9039-760270250D49}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9B072503-62C0-48BF-A00E-98C6751360DF}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{9C4D2F0C-797F-46A1-A1F1-7D87EE39DE26}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{9C98D24F-A8BB-4410-BD88-168F94E203EB}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{A5991681-B1B2-484B-94C6-CF8D4AA2DBA0}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{AE4AF426-0752-41FE-A533-F7886DE302D8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{AED7C14A-F90F-4AA5-895C-E9FFFDA5627C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{B5489057-C9CB-4FA6-B0ED-57FC30B36094}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{BEA626B6-140C-4DC4-AD06-572D004D03BF}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C1583E57-A6C9-4C67-A4FA-DC560AD7990F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C923D616-4F6C-4E32-9407-DFF63303A6ED}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CB0091D1-6AC5-413D-BA3E-AC7BF7AE9354}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{DBD1E3BD-E754-4828-8A87-9B2684D9A564}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe |
"{DED89334-4FF3-4E05-9CEE-315919EA2D54}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{E3EF5A5E-02D4-45C1-AC89-9A1AFC3752FA}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{F753AA40-166D-42B9-8DF7-09C273AEE09D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FD3C145F-CD52-4858-AC78-45C70D193D33}" = dir=in | app=c:\users\guido\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{FF052B33-F7F0-49EA-8579-A0B8EFFFBBA2}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{FFA19EB9-F028-4C19-A3CE-F454AC42AE22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{82EAE218-DBF8-4A96-A6D6-C08533C30A40}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{8A6B9D98-267F-4DC5-8E0E-C7CCC74C4167}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"TCP Query User{8FAE25AF-2A6D-42AE-860C-3C30D6444836}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{B8933E21-4ABF-4FAA-AA43-C9D4F3A50A75}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{BC4CFE83-9EB8-48C7-ABC9-AEF7407C6E89}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{C9BCD880-82B2-4579-9FFD-62211F6FB8D2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{300DF0A7-04B1-499A-9AD7-B084E5329931}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{599DA7E1-09FA-4D9F-A767-CD7523FE3E06}C:\program files\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"UDP Query User{5A10A075-564D-4EAC-976A-231F28A32D50}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{62CD9362-16F8-4042-87F0-ABF0C2481349}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A96CA291-28BD-4EB4-9DA6-5FA950E1EDB7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{DDA31DA7-2282-4C3F-B0C3-75B49D61730B}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033F0CE1-B6FC-EC7A-7914-81F14C8DBA0F}" = Catalyst Control Center Core Implementation
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05B95480-732A-1081-8A94-D924326AF36F}" = CCC Help English
"{0945589B-6CC4-FA00-3CBE-BD6028B26063}" = CCC Help Turkish
"{0EAE6EF9-010E-0734-D0A0-2BB8040F90EA}" = CCC Help French
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{133C8002-B64F-C9E7-7DAC-21BAE58DC041}" = CCC Help Russian
"{150715F0-2800-A3C5-836E-F4F98AE3A775}" = ccc-core-static
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22EFABF6-7373-7755-4EA4-5240E7CCEEF7}" = Catalyst Control Center Graphics Previews Vista
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 38
"{270629EB-D776-04FC-0631-256177B7A021}" = CCC Help Swedish
"{29D2987A-9FBC-1BD3-E463-12D50D94DBFC}" = Catalyst Control Center Graphics Full New
"{2AB22900-5718-4617-523B-9DFDECB4749D}" = CCC Help Italian
"{32167B80-C0C6-4AB8-A5A6-3177FC8F069A}" = Nitro Pro 8
"{3956AEA0-9299-CA45-5BF1-5A721F8E3A21}" = CCC Help Chinese Traditional
"{3C152296-D7E4-59F4-B07E-43587CE985FE}" = CCC Help Norwegian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{502D4628-92AD-416A-0580-00D64320DBB7}" = ATI Catalyst Install Manager
"{51B83F5C-5660-4B73-AB18-C68993FEDEB3}" = Catalyst Control Center - Branding
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{53480870-02D8-48FB-BC27-72C956885168}" = O&O MediaRecovery
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63104E84-532C-4011-A4F4-AD6EDF8CC214}" = SpyroDriver
"{66CB1DC8-FBA1-7436-08F3-061F7CB72C80}" = Skins
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C497312-7C1E-BB3C-D143-B8FD0C894CF1}" = CCC Help Polish
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A92A322-1A10-4153-B551-D547AA9B4649}" = Die Legende von Kongo King
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{88137A28-4E5B-4E56-B90C-E8AE768305A2}" = Rabbids Go Home - DVD
"{88FC0C01-E4AA-3C3E-4612-3F11E69EF188}" = CCC Help German
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E3A37D-D424-C725-E06A-71C1151F682A}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4F72EE-8378-49BD-8C10-301E25907B5B}" = Steganos Safe OEM
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{A141F87A-A73B-368D-AB65-A997B3D1D2C4}" = CCC Help Spanish
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4B004B0-B6D3-4BA8-B012-3F79A931CF9E}" = BlueStacks Notification Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD2CA33-F716-4D1B-31F9-B52A847C4AF1}" = CCC Help Hungarian
"{AB104276-19BC-D12E-90EE-D358003A4EAF}" = CCC Help Greek
"{ABBD20D8-60E7-885B-734A-DE745BFDF43B}" = CCC Help Czech
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AEE701D3-6AF7-A8D5-145E-D0C01D528FAD}" = ccc-utility
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B5080F69-EE95-49DC-F8A1-B7CBB2B5028D}" = CCC Help Korean
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{B6CB5308-3B67-9861-97F5-0EB31CE21E63}" = CCC Help Chinese Standard
"{B7020783-0AB1-8D67-E850-673BD0C61E7F}" = CCC Help Thai
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B81EB1DB-8F56-4852-BCEB-B598DF3F63E6}_is1" = Mustrum 2.1.2
"{B8C72ECE-87C6-4676-B949-519C1954F9F2}" = SpyroPortalDriver
"{BF34527D-7B27-43AD-9994-7B3ABCEF3625}" = Phoenix Backup Professional
"{C649ED6C-2D44-40BA-AE75-0AADD5E411E5}" = Wildlife Park 2 Horses
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0354121-07AF-DE06-1D0F-7490EFE2F67A}" = Catalyst Control Center Graphics Full Existing
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{DA163DB8-C795-9EF2-7CF2-8B570BA9E39E}" = CCC Help Portuguese
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E36BE564-B727-A80D-E9F0-7FFEB69120E5}" = CCC Help Dutch
"{E5A56A6C-7656-969C-457A-E7600A6F169B}" = Catalyst Control Center Graphics Light
"{E5D9A29A-8903-968F-6394-CB8CC151084C}" = Catalyst Control Center Localization All
"{EE03DA2C-2154-7298-4461-F76C615932A9}" = CCC Help Japanese
"{EE9DEA81-3B77-7135-0E5B-B8C3092FE88A}" = CCC Help Danish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8A3F881-2154-4456-A767-2D638454BCED}" = Nitro Reader 3
"3D Pickman" = 3D Pickman
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"BearShare" = BearShare
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"BlueStacks App Player" = BlueStacks App Player
"Canon MG5200 series Benutzerregistrierung" = Canon MG5200 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"E.M. Free Photo Collage 1.30_is1" = E.M. Free Photo Collage 1.30
"E.M. Multilayer Image Processing SDK 1.30_is1" = E.M. Multilayer Image Processing SDK 1.30
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileConverter_1.3 Toolbar" = FileConverter 1.3 Toolbar
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228
"Free Audio Converter_is1" = Free Audio Converter version 5.0.20.1031
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Freemake Video Downloader_is1" = Freemake Video Downloader
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"iLivid" = iLivid
"ilividtoolbargaw" = Search-Results Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"Kate's Video Cutter_is1" = Kate's Video Cutter 2.8.4
"Lexmark X1100 Series" = Lexmark X1100 Series
"LG Internet Kit" = LG Internet Kit
"LManager" = Launch Manager
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Midifile Optimizer 7 DEMO_is1" = Midifile Optimizer 7 - Version 7.4.1.9296
"Mobile Partner" = Mobile Partner
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MPE" = MyPhoneExplorer
"PartyGammon" = PartyGammon
"Recuva" = Recuva
"Searchqu Toolbar" = Searchqu Toolbar
"Sweet Home 3D_is1" = Sweet Home 3D version 3.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft
"VLC media player" = VLC media player 1.1.5
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"VueScan" = VueScan
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2479292056-3449645492-3974709493-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"fotobook Designer" = fotobook Designer
"Torch" = Torch
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.02.2013 06:42:28 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4067929
Error - 09.02.2013 06:42:28 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4067929
Error - 09.02.2013 06:42:30 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.02.2013 06:42:30 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4069691
Error - 09.02.2013 06:42:30 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4069691
Error - 09.02.2013 06:42:31 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.02.2013 06:42:31 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4070783
Error - 09.02.2013 06:42:31 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4070783
Error - 09.02.2013 06:42:32 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 09.02.2013 06:42:32 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4071875
Error - 09.02.2013 06:42:32 | Computer Name = Guido-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4071875
[ OSession Events ]
Error - 05.11.2012 11:50:37 | Computer Name = Guido-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session
lasted 194142 seconds with 2520 seconds of active time. This session ended with
a crash.
Error - 28.11.2012 14:01:02 | Computer Name = Guido-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session
lasted 2051 seconds with 780 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 21.05.2013 11:04:32 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.05.2013 16:48:36 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.05.2013 17:00:25 | Computer Name = Guido-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 22.05.2013 13:08:25 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.05.2013 13:09:08 | Computer Name = Guido-PC | Source = DCOM | ID = 10005
Description =
Error - 22.05.2013 13:09:08 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 22.05.2013 13:09:08 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.05.2013 14:45:12 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 22.05.2013 14:47:30 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 22.05.2013 14:52:43 | Computer Name = Guido-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Gmer funktioniert nicht bis zum Ende und wird aufgrund eines Problems geschlossen. Wer kann mir helfen?  Mist, falsches Thema erwischt. Diese Hilfe suche sollte iegentlich in 'Plagegeister aller Art und deren Bekämpfung' landen. Wie kann ich den o.a. Beitrag dahin verschieben? Besten Dank an alle im Voraus Mist, falsches Thema erwischt. Diese Hilfe suche sollte iegentlich in 'Plagegeister aller Art und deren Bekämpfung' landen. Wie kann ich den o.a. Beitrag dahin verschieben? Besten Dank an alle im Voraus |
| Themen zu Onlinebanking Postbank durch Trojaner blockiert |
| avira, bandoo, bho, blockiert, bluestacks, bonjour, branding, browser, canon, ebanking, error, euro, excel, firefox, flash player, google, helper, home, iexplore.exe, install.exe, intranet, launch, logfile, monitor.exe, mp3, plagegeister aller art und deren bekämpfung, plug-in, realtek, recuva, registry, scan, search results toolbar, security, software, svchost.exe, system, trojaner, vista |
Baum-Darstellung