Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.06.2011, 14:51   #1
JenJen2485
 
Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop - Standard

Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop



Hallo!
Ich bin ganz neu in diesem Forum, was mir schon vor meiner Registration super geholfen hat. Dafür schonmal ein riesiges Dankeschön
So konnte ich nämlich heute morgen diesen dämlichen Trojaner "Windows Recovery" von Labtop meines Bruders entfernen. Habe jetzt nur noch folgende Probleme: der Desktop ist schwarz, Dateien werden nur nach Suche angezeigt, Symbole erscheinen durchsichtig. Da ein ähnliches Thema hier schon gepostet worden ist, bin ich deshalb jetzt soweit, dass ich OTL (deutsche Version) runterladen konnte und jetzt zwei logfiles davon habe. Ab jetzt bin im mit meinem Latein am Ende Ich weiß ja noch nicht mal, was ich da getan habe.
Ich entschuldige mich schon vorher, wenn dies alles ein bischen unbeholfen klingt, aber ich habe von dieser Thematik null Ahnung.
Bitte helft einem PC-Loser wie mir.
Danke!

Hier die zwei logfiles

1. Extras.Txt-EditorOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.06.2011 18:24:00 - Run 4
OTL by OldTimer - Version 3.2.23.0     Folder = c:\Users\Daniel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,62% Memory free
6,19 Gb Paging File | 5,07 Gb Available in Paging File | 81,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 65,23 Gb Free Space | 43,76% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 139,23 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: BIGBOSS | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D00DBA-3C83-485D-9517-DBEBE9F623A6}" = lport=6998 | protocol=6 | dir=in | name=6998 | 
"{05D1D336-9F27-49AC-9991-D7E0A81A0DC4}" = lport=6964 | protocol=6 | dir=in | name=6964 | 
"{07607321-0BFD-4705-89BC-789C1A094EEC}" = lport=6904 | protocol=6 | dir=in | name=6904 | 
"{0867C216-8767-47A5-A57C-7F532289C30E}" = lport=6917 | protocol=6 | dir=in | name=6917 | 
"{08E56B6A-CE15-4407-B975-ACB87A0CE104}" = lport=6977 | protocol=6 | dir=in | name=6977 | 
"{0B27A3D3-AA74-4E3A-9F66-901EA22780AC}" = lport=6995 | protocol=6 | dir=in | name=6995 | 
"{0BE85E33-7AEF-46EB-B15C-98CC14E14670}" = lport=6975 | protocol=6 | dir=in | name=6975 | 
"{0C7DA759-1FE3-473B-AD0B-685BDC7139A2}" = lport=6997 | protocol=6 | dir=in | name=6997 | 
"{0FA1BA80-5014-4870-8508-B9F05CEBA9E9}" = lport=6963 | protocol=6 | dir=in | name=6963 | 
"{14A3D396-15A8-497E-8489-4FF59CD63396}" = lport=6979 | protocol=6 | dir=in | name=6979 | 
"{16ADD2A1-F6DA-4EF2-8C69-ADA93C1834DB}" = lport=6916 | protocol=6 | dir=in | name=6916 | 
"{16D6E603-4108-482A-BCA5-314AE61AD90A}" = lport=6959 | protocol=6 | dir=in | name=6959 | 
"{18625126-CAD5-4DEC-AB3F-910239B77F48}" = lport=6941 | protocol=6 | dir=in | name=6941 | 
"{19353689-AD20-4C2A-9410-6B752A7A17F3}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{1AD6F884-DFEC-4510-8CA3-B0AB3AE73B8F}" = lport=6957 | protocol=6 | dir=in | name=6957 | 
"{1D5B557C-4726-4C4E-A438-2AB1B8EEBD51}" = lport=6934 | protocol=6 | dir=in | name=6934 | 
"{1E0C74C3-992B-4DAA-8EAD-E82401393AAB}" = lport=6933 | protocol=6 | dir=in | name=6933 | 
"{1E99071A-C7F6-4F82-B7D1-B92FABE21240}" = lport=6949 | protocol=6 | dir=in | name=6949 | 
"{1F86F617-E81A-47C1-975F-EC2C7C54F7D9}" = lport=6955 | protocol=6 | dir=in | name=6955 | 
"{1FC38FD8-BF85-4A44-8954-59D7F86BB663}" = lport=6962 | protocol=6 | dir=in | name=6962 | 
"{220D7BB7-2BF8-487F-BCFA-9922113AACEE}" = lport=6889 | protocol=6 | dir=in | name=6889 | 
"{225FD921-8160-4E5A-9A99-C4CF5EAEDB66}" = lport=6965 | protocol=6 | dir=in | name=6965 | 
"{2318BDA1-B8FD-4326-B88E-DBDBB6F514AF}" = lport=6958 | protocol=6 | dir=in | name=6958 | 
"{2462FC77-4492-4AC8-9863-511B530733D7}" = lport=6883 | protocol=6 | dir=in | name=6883 | 
"{27F01A59-CA19-4402-B884-54B244E0B907}" = lport=6948 | protocol=6 | dir=in | name=6948 | 
"{2A322CC6-E82A-4127-B261-9711E2CC899F}" = lport=6938 | protocol=6 | dir=in | name=6938 | 
"{2D55325A-123A-4D94-A9DA-C9C1C9E8297A}" = lport=6915 | protocol=6 | dir=in | name=6915 | 
"{2D8BDE3D-E136-4AC0-B521-23CF7428155A}" = lport=6907 | protocol=6 | dir=in | name=6907 | 
"{31EF5D44-2379-4E9A-9595-B79B6759BDC6}" = lport=6967 | protocol=6 | dir=in | name=6967 | 
"{32859E4D-E259-477C-8EC9-C1CD37373625}" = lport=6966 | protocol=6 | dir=in | name=6966 | 
"{34DBF6EB-3C70-4B08-AC74-605B4CAFD2BE}" = lport=6951 | protocol=6 | dir=in | name=6951 | 
"{352D8BCB-E1F7-4BBF-82D1-22E42BAF564C}" = lport=6976 | protocol=6 | dir=in | name=6976 | 
"{35906158-0799-4C38-8B6E-499E369A3558}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{3612A1D4-5FC0-4702-8C21-D8A5ECE6F8BD}" = lport=6921 | protocol=6 | dir=in | name=6921 | 
"{36DBDBD9-FBCB-4C4D-89B7-27C85BEDD3D4}" = lport=6885 | protocol=6 | dir=in | name=6885 | 
"{3A53AF0F-C74F-44C2-998E-364B64549BDA}" = lport=6988 | protocol=6 | dir=in | name=6988 | 
"{3B125FAF-4D9F-43FA-8243-DF513192EA08}" = lport=6972 | protocol=6 | dir=in | name=6972 | 
"{3C1EC9DE-2224-41C0-8D89-92AA9D283149}" = lport=6893 | protocol=6 | dir=in | name=6893 | 
"{423A6CB4-8C42-45E2-A16B-940C8E114F60}" = lport=6891 | protocol=6 | dir=in | name=6891 | 
"{432ABC77-592B-444D-84E9-5E0992C5BC6F}" = lport=6956 | protocol=6 | dir=in | name=6956 | 
"{45727B9F-F758-4E19-8EBE-D833DCE6C1C1}" = lport=6928 | protocol=6 | dir=in | name=6928 | 
"{45A37DE6-BA11-43EF-8688-861C4E5EF8CA}" = lport=6919 | protocol=6 | dir=in | name=6919 | 
"{4794F88C-3D8E-4906-ABB4-E643E6E020FD}" = lport=6947 | protocol=6 | dir=in | name=6947 | 
"{48D9E9F0-3035-4433-9507-93DA61BEE755}" = lport=6903 | protocol=6 | dir=in | name=6903 | 
"{4EFE7D71-D155-4E84-99D1-80572FFD091C}" = lport=6886 | protocol=6 | dir=in | name=6886 | 
"{521860F1-6C8C-4221-9F88-E6C35389E4C9}" = lport=6906 | protocol=6 | dir=in | name=6906 | 
"{52DB3CB6-6C62-4864-B352-4A18630F52C4}" = lport=6884 | protocol=6 | dir=in | name=6884 | 
"{533F1897-473B-4819-942F-D46A749953EF}" = lport=6902 | protocol=6 | dir=in | name=6902 | 
"{535F9706-0A47-41D7-B423-45F233FC5AC5}" = lport=6984 | protocol=6 | dir=in | name=6984 | 
"{541C7412-4404-4FCC-97DD-2E5F190685D6}" = lport=6989 | protocol=6 | dir=in | name=6989 | 
"{54768992-73A7-43E3-935A-8597E221A531}" = lport=6930 | protocol=6 | dir=in | name=6930 | 
"{605AA26B-1C92-46E8-907A-491E749B064D}" = lport=6901 | protocol=6 | dir=in | name=6901 | 
"{60A88DF8-09F8-45E8-93A5-2414B786C888}" = lport=6970 | protocol=6 | dir=in | name=6970 | 
"{621D4CDE-D8D1-4C09-9244-6ABD0AD867DE}" = lport=6939 | protocol=6 | dir=in | name=6939 | 
"{62CEF309-F185-458D-AF9F-E828B4C541B0}" = lport=6905 | protocol=6 | dir=in | name=6905 | 
"{64511616-23C6-4A43-A09F-21166F5C313D}" = lport=6896 | protocol=6 | dir=in | name=6896 | 
"{65EEE036-C1D5-42E7-AAC7-68F93A1DC2CF}" = lport=6910 | protocol=6 | dir=in | name=6910 | 
"{66952B4E-1E66-4AB4-B298-BD7C23B8F5EF}" = lport=6898 | protocol=6 | dir=in | name=6898 | 
"{68BD35F2-83D7-4EDE-BA70-615129680E63}" = lport=6971 | protocol=6 | dir=in | name=6971 | 
"{6A13E485-0F44-4437-8CF2-E926C4049BCE}" = lport=6918 | protocol=6 | dir=in | name=6918 | 
"{6DC83D77-7BF5-4595-AE27-7E200CD5A1FC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6DDD66EA-8CBA-41DF-B79A-199FCFAD4847}" = lport=6996 | protocol=6 | dir=in | name=6996 | 
"{6E548CF4-64CA-4918-B89A-62C58EB6267F}" = lport=1119 | protocol=6 | dir=in | name=blizzard | 
"{6F09A6CC-11BA-4733-A55B-A93B8F85C0E9}" = lport=6961 | protocol=6 | dir=in | name=6961 | 
"{70EDDAC6-5ADD-49EC-8437-BEE400BB00B4}" = lport=6935 | protocol=6 | dir=in | name=6935 | 
"{71569123-ACF5-453D-8204-63A7CFDC1E98}" = lport=6932 | protocol=6 | dir=in | name=6932 | 
"{85617337-E67E-4ED2-99FF-6634E5E92094}" = lport=6924 | protocol=6 | dir=in | name=6924 | 
"{86D65DB2-9336-4BF2-BE4B-C574B8AF1D86}" = lport=6990 | protocol=6 | dir=in | name=6990 | 
"{87860F4E-D620-4DB5-A09E-FB0F9AD79644}" = lport=6982 | protocol=6 | dir=in | name=6982 | 
"{8C9374CB-4CF8-4E8D-94A5-EDE8596F6EB8}" = lport=6926 | protocol=6 | dir=in | name=6926 | 
"{8FF855A7-336C-41A5-AE25-8C59D810D053}" = lport=6953 | protocol=6 | dir=in | name=6953 | 
"{9142F0ED-245D-42A4-805E-EF8A69EB8CF2}" = lport=6980 | protocol=6 | dir=in | name=6980 | 
"{95090565-CD4D-40CA-9DAC-F2258427FDF9}" = lport=6912 | protocol=6 | dir=in | name=6912 | 
"{956750D1-D5C0-4A67-B475-A03ACBA7649A}" = lport=6946 | protocol=6 | dir=in | name=6946 | 
"{9B7A2F35-EF49-4981-A1D9-156E83C0457B}" = lport=6945 | protocol=6 | dir=in | name=6945 | 
"{9D550483-DA44-4E8F-B174-5C5ABBEF9B85}" = lport=6931 | protocol=6 | dir=in | name=6931 | 
"{9E6007B4-7394-4879-BF9F-8945D52DF10A}" = lport=6892 | protocol=6 | dir=in | name=6892 | 
"{9F0F3A31-F008-4300-B418-B00EBE799D54}" = lport=6887 | protocol=6 | dir=in | name=6887 | 
"{A210CF07-841D-40A0-8859-C3DCC9A4560A}" = lport=6927 | protocol=6 | dir=in | name=6927 | 
"{A3F0092F-753A-42D5-9FDE-9D509354FA1D}" = lport=6981 | protocol=6 | dir=in | name=6981 | 
"{A629614F-5BAE-4D41-815A-C939BDDB4B6A}" = lport=6895 | protocol=6 | dir=in | name=6895 | 
"{A650B2DC-3C24-4320-ACF8-A8740D005791}" = lport=6112 | protocol=6 | dir=in | name=6112 | 
"{A9723846-4DB5-49FB-AB47-D43042D815DA}" = lport=6908 | protocol=6 | dir=in | name=6908 | 
"{A9869F27-66B8-4118-A7A6-74176692E3B3}" = lport=6974 | protocol=6 | dir=in | name=6974 | 
"{AAF73851-57E7-4CAA-ABB1-A00D69220977}" = lport=6909 | protocol=6 | dir=in | name=6909 | 
"{AD479EC8-B876-4530-A090-346E3C38C6A8}" = lport=6936 | protocol=6 | dir=in | name=6936 | 
"{AE26793B-8499-426B-A9D3-EC5A1E165CF5}" = lport=6925 | protocol=6 | dir=in | name=6925 | 
"{B40CF003-09DB-4613-B3EE-69D977E1D7DE}" = lport=6985 | protocol=6 | dir=in | name=6985 | 
"{B9FC2426-BB42-4875-ABB2-F806C29D5335}" = lport=6922 | protocol=6 | dir=in | name=6922 | 
"{BC3636FF-8A84-40E1-873B-EF11FC76A8DD}" = lport=6894 | protocol=6 | dir=in | name=6894 | 
"{BC4A60DF-19D4-4F83-9E5A-F303CCDBC45D}" = lport=6987 | protocol=6 | dir=in | name=6987 | 
"{BC80B29B-D7C2-41F3-BE42-7B634F3DAC4D}" = lport=6913 | protocol=6 | dir=in | name=6913 | 
"{BE9B1EB3-4D3C-42F2-9B91-516FEE0DD0BD}" = lport=6999 | protocol=6 | dir=in | name=6999 | 
"{C351CE86-93B7-4273-B1BE-BA15128E9E10}" = lport=6937 | protocol=6 | dir=in | name=6937 | 
"{C361C150-8BA7-404E-B928-4F1B37759A5F}" = lport=6944 | protocol=6 | dir=in | name=6944 | 
"{C4AC606D-6798-467D-92B2-191D4EE4D3B4}" = lport=6899 | protocol=6 | dir=in | name=6899 | 
"{C879FE58-FE44-4A99-A118-E8D9E8EF3E84}" = lport=6943 | protocol=6 | dir=in | name=6943 | 
"{C9155CFD-4CBB-4034-BBCF-3D987C4EC5E7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{CA209DB1-4013-473F-9584-EB666297028C}" = lport=6920 | protocol=6 | dir=in | name=6920 | 
"{CBE5F1A7-D18A-403A-AA76-459136D8A736}" = lport=6940 | protocol=6 | dir=in | name=6940 | 
"{CF758266-46D5-445F-B9E5-892B45BBCB9F}" = lport=6973 | protocol=6 | dir=in | name=6973 | 
"{CFFB900C-C7FA-48D0-A45A-FA9A0382560A}" = lport=6942 | protocol=6 | dir=in | name=6942 | 
"{D04C7585-B4D3-49DD-A35B-4C722AA9E565}" = lport=6881 | protocol=6 | dir=in | name=6881 | 
"{D13B553F-307E-40ED-9A7F-FED8ED06A817}" = lport=6923 | protocol=6 | dir=in | name=6923 | 
"{D1FD4E9D-9579-42C9-A056-5D79C0781CD1}" = lport=6968 | protocol=6 | dir=in | name=6968 | 
"{D3742779-9B3A-48C2-B205-950FAC1A1E6A}" = lport=6929 | protocol=6 | dir=in | name=6929 | 
"{D3DCE75B-D17C-4986-AE33-B23D91B6C05D}" = lport=6993 | protocol=6 | dir=in | name=6993 | 
"{D5A1C67E-7DFE-44EF-B836-0E8D5188E282}" = lport=6978 | protocol=6 | dir=in | name=6978 | 
"{D8DE00F7-2ED6-490F-940E-DA997D11B1D4}" = lport=49157 | protocol=6 | dir=in | name=akamai netsession interface | 
"{DC34B2C5-9AFE-4659-A5C7-283F1589E365}" = lport=6952 | protocol=6 | dir=in | name=6952 | 
"{DED53C70-A19D-494D-AFB1-760FB997DE01}" = lport=6960 | protocol=6 | dir=in | name=6960 | 
"{DEF2AA40-C56F-4BC7-8B51-6A356CD37CF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{E2767E25-14C2-4F50-A97B-62AD7B89B867}" = lport=6890 | protocol=6 | dir=in | name=6890 | 
"{E7F95937-258C-4C4F-9DE0-E255A58A5532}" = lport=6950 | protocol=6 | dir=in | name=6950 | 
"{E87C0CEC-7C59-4E94-9AC5-290794043BC0}" = lport=6900 | protocol=6 | dir=in | name=6900 | 
"{E89C22FD-4F30-4896-A1FD-DB0E19C06D9E}" = lport=6914 | protocol=6 | dir=in | name=6914 | 
"{E8CDD8BB-C5A8-4E2F-98E0-4BF0829480A7}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{E921DA9E-242A-4A37-88AF-226F054CB554}" = lport=6969 | protocol=6 | dir=in | name=6969 | 
"{EAF4DF77-2EB3-499C-95E8-0DA83162ACC0}" = lport=6986 | protocol=6 | dir=in | name=6986 | 
"{EB91D5D3-D3DF-42DE-8D00-306B45D68CBE}" = lport=6882 | protocol=6 | dir=in | name=6882 | 
"{EC31A2CC-E508-46E3-B44E-6408EC4FB9D0}" = lport=6888 | protocol=6 | dir=in | name=6888 | 
"{EFAD4968-9819-48BB-8769-A89244E84C06}" = lport=6954 | protocol=6 | dir=in | name=6954 | 
"{EFDE7D9C-52F3-474E-9D27-64A46596579B}" = lport=6994 | protocol=6 | dir=in | name=6994 | 
"{F422E85D-3E8A-4FBE-994A-0CD3C4B6DE7A}" = lport=6992 | protocol=6 | dir=in | name=6992 | 
"{F4C48A1A-9DD8-44B0-9FEF-B99EE98D7107}" = lport=6911 | protocol=6 | dir=in | name=6911 | 
"{F63C299C-DC1F-4F98-9553-C27D34F62C72}" = lport=6897 | protocol=6 | dir=in | name=6897 | 
"{FB4BA255-6954-4ED2-998E-C66636A6D2B4}" = lport=6983 | protocol=6 | dir=in | name=6983 | 
"{FFB8A759-109D-4167-9376-C573891380AB}" = lport=6991 | protocol=6 | dir=in | name=6991 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0734796E-AA53-489D-B1D3-85EAA345C0C0}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe | 
"{0A042CE2-24B3-4945-8DAC-EAE01180C822}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe | 
"{149DD593-D221-44C9-81A6-7266B36F8C18}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{1C3CF5F8-A6BE-42B9-85B4-675915FA37AC}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{1DBE5D73-A545-47F6-B9DF-2B7538419C76}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | 
"{210A2A9B-3129-4F8F-A69D-BC1574CC9E3A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | 
"{24F483BF-E484-4B05-9FCA-AB9BD2ECA62F}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{2BE74F40-FEE9-4601-9224-01E3C56C2A74}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{2EF5FA49-7FC1-4B84-AE64-8171B9034DFF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{2EFA4B4B-B6E0-4F09-A27F-D00B00D56A95}" = protocol=17 | dir=in | app=d:\games\world of warcraft\launcher.patch.exe | 
"{3DC6C208-2252-4F7F-B989-33F008D3D72C}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{55F248EA-87E4-4582-B23C-5F5255A10D42}" = protocol=17 | dir=in | app=d:\games\world of warcraft\blizzard downloader.exe | 
"{578FF7D8-6AEE-46AF-BDCB-3E12671DB059}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | 
"{5967EF3C-9D72-41A6-A2DF-4AAC032CED00}" = protocol=6 | dir=in | app=d:\games\world of warcraft\launcher.patch.exe | 
"{5F2D2ADD-1327-46E6-8422-BFC0E0B0361A}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe | 
"{5F7AD4D1-D318-44F0-8391-2D1DDC77809F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | 
"{62435C55-3B31-4613-9B47-CBED0AEB528D}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{6840675D-507A-48BC-9265-A446BC9FA9B7}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{727983E3-5A68-4137-B629-2C8BCF421248}" = protocol=17 | dir=in | app=f:\wow\launcher.exe | 
"{7B247521-7CB1-4A35-9591-D870B4554E57}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{87A76B96-0C3C-4F5B-BCB8-CB804B8661FE}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe | 
"{89DE047F-F6FD-4966-AE0A-0390B17D06FD}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe | 
"{8BFC8B30-F342-4108-AEAA-F6DE60205C6E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9598CF45-AD1A-4E76-8FFF-4F0F366B1AB9}" = protocol=6 | dir=in | app=f:\wow\launcher.exe | 
"{A46DC16F-0433-47C2-8496-061964B1BA41}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{A66B6F2E-AF4C-4394-8CDC-2DD5449F1E3A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{AB8813BA-8235-4CCF-91AB-888F6174F1F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe | 
"{AF3C94BF-1ED6-4E86-917F-FE5BC5B131B1}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe | 
"{B0523148-04CD-4FFB-AA97-C0A6B8BA76DE}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | 
"{B821FA35-8798-454D-8960-3CC73D93DEFC}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{B9E8BE1F-4074-4981-BF49-541E55585744}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C3A6CD38-7A62-484F-9665-15F8444D5FE4}" = protocol=6 | dir=in | app=d:\games\world of warcraft\blizzard downloader.exe | 
"{C6DCA9D3-0ECA-4377-9C9A-33D35BFA7623}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{D47C2D22-B5CD-4914-8DB8-25BFD63FA70E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{D73E522B-B4D8-4BA7-9EB4-0FAB5D073070}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{DA05A784-E518-461D-B74D-1BE62A8AB500}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | 
"{E7B2B984-0D79-477C-9A1A-3D2D90C21150}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe | 
"{EE6020D0-6FD5-42E6-B75B-F5DAE3FA4654}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F439294E-07F8-45FD-8F1A-AF933B8628EB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{FBB9C8A2-991B-4B7E-9EA9-142BBFAFAB7D}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"TCP Query User{0F053FAC-D6C3-46CC-AEF3-0A3A5FDE6D44}D:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\games\world of warcraft\launcher.exe | 
"TCP Query User{227F7143-EB8E-4E6E-833A-EBFBAB6BEA7B}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{2F1E5499-910A-4EAD-98B1-45295CE41644}D:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=d:\games\world of warcraft\launcher.exe | 
"TCP Query User{36A223C6-1C02-478E-BD54-4B6E07510B16}D:\games\trackmania\tmforever.exe" = protocol=6 | dir=in | app=d:\games\trackmania\tmforever.exe | 
"TCP Query User{3F7B8A06-CCB9-409D-950D-DC5E9B92BCDC}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{4FAE5B92-E723-4064-B3D0-FE6731526EA4}D:\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=d:\games\world of warcraft\repair.exe | 
"TCP Query User{FB07C90C-E887-4307-A320-A0E2880BF591}C:\program files\firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\firefox\firefox.exe | 
"UDP Query User{2BFD51EC-D445-4CA9-9886-35A76F7C1C2A}D:\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=d:\games\world of warcraft\repair.exe | 
"UDP Query User{63A4DB77-A8E6-47D2-9B90-772FD6736A07}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{88ACA124-B671-4FAB-A035-F2377EA16494}C:\program files\firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\firefox\firefox.exe | 
"UDP Query User{A62B39FD-19A5-4696-ACBE-3C56B1F2D8FE}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{E82E997B-2CFB-42F1-A344-F91BC96E79F4}D:\games\trackmania\tmforever.exe" = protocol=17 | dir=in | app=d:\games\trackmania\tmforever.exe | 
"UDP Query User{EDA55F2B-2F41-444E-98CC-AA7D24AA2E55}D:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\games\world of warcraft\launcher.exe | 
"UDP Query User{F74BA1DE-AF60-45D7-ABF7-E4250533D209}D:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=d:\games\world of warcraft\launcher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office 5.0.36
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office 5.0.36
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{62CF8923-31DC-4285-A23C-17CE5AA6A679}" = Express Gate
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 4.57
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"Netzmanager" = Netzmanager
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PROHYBRIDR" = 2007 Microsoft Office system
"SearchAnonymizer" = SearchAnonymizer
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 0.9.8a
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 26.07.2010 07:36:19 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 07:36:19 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 13:33:01 | Computer Name = Daniel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.07.2010 13:33:17 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 13:33:17 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 13:36:01 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 20:44:43 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 20:45:55 | Computer Name = Daniel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 26.07.2010 20:46:05 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 26.07.2010 20:46:05 | Computer Name = Daniel-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
[ System Events ]
Error - 10.06.2011 08:54:31 | Computer Name = BigBoss | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 10.06.2011 09:08:10 | Computer Name = BigBoss | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 10.06.2011 09:11:26 | Computer Name = BigBoss | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 10.06.2011 09:22:17 | Computer Name = BigBoss | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 10.06.2011 um 15:20:20 unerwartet heruntergefahren.
 
Error - 10.06.2011 09:24:18 | Computer Name = BigBoss | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 10.06.2011 09:25:20 | Computer Name = BigBoss | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 10.06.2011 11:31:13 | Computer Name = BigBoss | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 10.06.2011 11:34:04 | Computer Name = BigBoss | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 10.06.2011 12:07:09 | Computer Name = BigBoss | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 10.06.2011 12:09:02 | Computer Name = BigBoss | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
         
--- --- ---


Und hier der OTL.Txt EditorOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.06.2011 18:24:00 - Run 4
OTL by OldTimer - Version 3.2.23.0     Folder = c:\Users\Daniel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,62% Memory free
6,19 Gb Paging File | 5,07 Gb Available in Paging File | 81,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 65,23 Gb Free Space | 43,76% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 139,23 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: BIGBOSS | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - c:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Daniel\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Akamai) -- c:\program files\common files\akamai\netsession_win_8675ab0.dll ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SearchAnonymizer) -- C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (Netzmanager Service) -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (MTOnlPktAlyX) -- C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Firefox\components [2011.05.29 20:08:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Firefox\plugins [2011.05.29 20:08:40 | 000,000,000 | ---D | M]
 
[2009.01.16 23:37:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2011.06.09 19:08:00 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\uk7bwr0v.default\extensions
[2011.06.10 15:05:15 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\uk7bwr0v.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.10 15:05:15 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\uk7bwr0v.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.06.10 15:05:15 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\uk7bwr0v.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-1.xml
[2011.03.25 16:50:11 | 000,000,950 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-10.xml
[2011.04.22 23:59:53 | 000,000,950 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-11.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-2.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-3.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-4.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-5.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-6.xml
[2011.01.24 17:34:17 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-7.xml
[2011.01.27 19:30:41 | 000,001,097 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-8.xml
[2011.03.05 15:20:20 | 000,000,950 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin-9.xml
[2011.01.11 22:49:02 | 000,000,168 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin.gif
[2011.01.11 22:49:02 | 000,000,618 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin.src
[2011.01.24 17:34:17 | 000,001,180 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\icqplugin.xml
[2011.01.24 17:34:17 | 000,001,864 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\{0ACC31C1-3FC9-4A72-A9FB-D5CBBD43A2C8}.xml
[2011.01.24 17:34:17 | 000,002,071 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\{1FE87FC7-D3D8-4C11-A713-7E4399B71ACA}.xml
[2011.01.27 19:30:41 | 000,001,088 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\{23157B52-0481-46D6-9AB8-FCC9DD7A3F19}.xml
[2011.01.24 17:34:17 | 000,002,182 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\uk7bwr0v.default\searchplugins\{D227A0D6-C416-479C-86A8-6ADE51124CEE}.xml
[2009.05.08 18:50:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.09.25 18:22:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.01 20:33:48 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.04.05 13:00:00 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.05.05 15:35:27 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.16 14:21:23 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.12 17:31:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.19 18:30:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.06.08 17:57:57 | 000,000,000 | -H-D | M] (Java String Helper) -- C:\USERS\DANIEL\APPDATA\ROAMING\5016
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Daniel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IcqUpdater]  File not found
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk = C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13d732dc-1dbf-11e0-93e5-00261881d2d3}\Shell - "" = AutoRun
O33 - MountPoints2\{13d732dc-1dbf-11e0-93e5-00261881d2d3}\Shell\AutoRun\command - "" = F:\pushinst.exe
O33 - MountPoints2\{30c8ea12-d423-11dd-9473-0023547f8e84}\Shell - "" = AutoRun
O33 - MountPoints2\{30c8ea12-d423-11dd-9473-0023547f8e84}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{30c8ea4c-d423-11dd-9473-0023547f8e84}\Shell - "" = AutoRun
O33 - MountPoints2\{30c8ea4c-d423-11dd-9473-0023547f8e84}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{37ae35c9-d4d1-11dd-bdea-0023547f8e84}\Shell - "" = AutoRun
O33 - MountPoints2\{37ae35c9-d4d1-11dd-bdea-0023547f8e84}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.10 18:12:54 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.06.10 18:12:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.06.10 18:12:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.06.10 15:11:50 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011.06.10 11:11:57 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes
[2011.06.10 11:11:46 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.10 11:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.10 11:11:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.06.10 11:11:38 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.10 11:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.06.10 10:57:13 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\Desktop\lp
[2011.06.10 10:56:39 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\Desktop\dgrdg
[2011.06.10 09:57:59 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Restore
[2011.06.08 17:57:57 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\AppData\Roaming\5016
[2011.05.29 19:49:07 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\AppData\Roaming\UAs
[2011.05.29 19:32:50 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.05.29 19:32:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.29 19:32:49 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.05.29 19:32:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.05.29 19:32:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.05.29 19:32:49 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.05.29 19:32:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.05.29 19:32:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.05.29 19:32:48 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.29 19:32:48 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.29 19:32:48 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.29 19:32:48 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.05.29 19:32:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.05.29 19:32:48 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.05.29 19:32:48 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.05.29 19:32:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.05.29 19:32:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.05.29 19:32:47 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.05.29 19:32:47 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.29 19:32:47 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.05.29 19:32:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.05.29 19:32:47 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.05.29 19:32:47 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.05.29 19:32:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.05.29 19:32:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.05.29 19:32:46 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.29 19:32:46 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.05.29 19:32:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.05.29 19:32:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.05.29 19:32:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.05.29 19:32:46 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.05.29 19:32:45 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.05.29 19:32:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.29 19:32:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.05.29 19:32:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.29 19:32:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.05.29 19:32:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.05.29 19:32:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.05.29 19:32:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.05.14 20:08:21 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\Desktop\20 Jahre Live in Frankfurt
[2011.05.14 20:07:55 | 000,000,000 | -H-D | C] -- C:\Users\Daniel\Desktop\Onkelz
[2008.06.03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.10 18:07:25 | 000,000,680 | ---- | M] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2011.06.10 18:06:09 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011.06.10 18:06:03 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.10 18:05:40 | 000,005,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.10 18:05:40 | 000,005,184 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.10 18:05:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.10 18:05:24 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.10 17:52:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.10 17:50:15 | 000,000,000 | ---- | M] () -- C:\Users\Daniel\defogger_reenable
[2011.06.10 12:05:26 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.10 09:58:16 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~36560632
[2011.06.10 09:58:15 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~36560632r
[2011.06.10 09:57:56 | 000,000,344 | -H-- | M] () -- C:\ProgramData\36560632
[2011.06.09 22:09:09 | 000,048,734 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.06.09 18:02:55 | 000,000,024 | -H-- | M] () -- C:\Users\Daniel\AppData\Roaming\urhtps.dat
[2011.06.09 16:57:40 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.09 16:57:40 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.09 16:57:40 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.09 16:57:40 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.08 21:49:15 | 000,312,032 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-06-04 19.42.24.jpg
[2011.06.07 15:21:02 | 000,048,734 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.06.05 21:58:41 | 001,578,546 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.53.jpg
[2011.06.05 21:57:38 | 001,552,640 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.44.jpg
[2011.06.05 21:57:29 | 001,569,366 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.33.jpg
[2011.06.05 04:31:26 | 000,014,168 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.44-1.jpg
[2011.05.29 19:33:07 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.05.29 19:33:07 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.05.29 19:32:50 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.05.29 19:32:49 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.29 19:32:49 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.05.29 19:32:49 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.05.29 19:32:49 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.05.29 19:32:49 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.05.29 19:32:49 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.05.29 19:32:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.05.29 19:32:48 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.29 19:32:48 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.29 19:32:48 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.29 19:32:48 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.05.29 19:32:48 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.05.29 19:32:48 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.05.29 19:32:48 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.05.29 19:32:48 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.05.29 19:32:48 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.05.29 19:32:48 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.05.29 19:32:47 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.05.29 19:32:47 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.29 19:32:47 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.05.29 19:32:47 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.05.29 19:32:47 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.05.29 19:32:47 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.05.29 19:32:47 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.05.29 19:32:46 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.05.29 19:32:46 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.29 19:32:46 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.05.29 19:32:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.05.29 19:32:46 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.05.29 19:32:46 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.05.29 19:32:46 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.05.29 19:32:45 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.05.29 19:32:45 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.29 19:32:45 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.05.29 19:32:45 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.29 19:32:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.05.29 19:32:45 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.05.29 19:32:45 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.05.29 19:32:45 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.22 21:26:07 | 004,186,240 | -H-- | M] () -- C:\Users\Daniel\Desktop\Snoop Dogg Ft. R.Kelly - PLATINUM   HQ (Download Link)&rlm;.mp3
[2011.05.22 11:53:09 | 001,542,109 | -H-- | M] () -- C:\Users\Daniel\Desktop\2011-05-19 17.28.22.jpg
[2011.05.22 11:33:19 | 003,623,040 | -H-- | M] () -- C:\Users\Daniel\Desktop\LMFAO - Party Rock Anthem [MUSIK VIDEO]&rlm;.mp3
[2011.05.19 17:39:18 | 000,011,521 | -H-- | M] () -- C:\Users\Daniel\Desktop\Bild 090.jpg
[2011.05.18 17:58:59 | 004,530,304 | -H-- | M] () -- C:\Users\Daniel\Desktop\Harris - Kiffer.mp3
[2011.05.13 20:24:20 | 009,844,305 | -H-- | M] () -- C:\Users\Daniel\Desktop\08 Schlechte Zeiten.mp3
[1 C:\Users\Daniel\AppData\Roaming\*.tmp files -> C:\Users\Daniel\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.10 17:50:15 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\defogger_reenable
[2011.06.10 15:12:18 | 000,001,675 | ---- | C] () -- C:\Users\Daniel\Desktop\Mozilla Firefox.lnk
[2011.06.10 12:05:26 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.10 10:18:36 | 3218,235,392 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.10 09:58:15 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~36560632r
[2011.06.10 09:58:15 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~36560632
[2011.06.10 09:57:56 | 000,000,344 | -H-- | C] () -- C:\ProgramData\36560632
[2011.06.05 11:35:10 | 001,578,546 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.53.jpg
[2011.06.05 11:35:10 | 001,569,366 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.33.jpg
[2011.06.05 11:35:10 | 001,552,640 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.44.jpg
[2011.06.05 11:35:10 | 000,312,032 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-06-04 19.42.24.jpg
[2011.06.05 11:35:04 | 000,014,168 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-06-04 22.49.44-1.jpg
[2011.05.29 20:00:59 | 000,000,956 | -H-- | C] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.05.29 19:32:48 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.05.22 21:27:34 | 004,186,240 | -H-- | C] () -- C:\Users\Daniel\Desktop\Snoop Dogg Ft. R.Kelly - PLATINUM   HQ (Download Link)&rlm;.mp3
[2011.05.22 11:52:46 | 001,542,109 | -H-- | C] () -- C:\Users\Daniel\Desktop\2011-05-19 17.28.22.jpg
[2011.05.22 11:52:44 | 000,011,521 | -H-- | C] () -- C:\Users\Daniel\Desktop\Bild 090.jpg
[2011.05.22 11:33:50 | 003,623,040 | -H-- | C] () -- C:\Users\Daniel\Desktop\LMFAO - Party Rock Anthem [MUSIK VIDEO]&rlm;.mp3
[2011.05.18 17:59:33 | 004,530,304 | -H-- | C] () -- C:\Users\Daniel\Desktop\Harris - Kiffer.mp3
[2011.05.14 13:09:01 | 009,844,305 | -H-- | C] () -- C:\Users\Daniel\Desktop\08 Schlechte Zeiten.mp3
[2011.04.27 11:53:28 | 000,000,024 | -H-- | C] () -- C:\Users\Daniel\AppData\Roaming\urhtps.dat
[2011.01.22 23:13:39 | 000,000,680 | ---- | C] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2009.10.28 18:21:46 | 000,179,146 | ---- | C] () -- C:\Windows\hpoins27.dat
[2009.09.17 08:58:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.17 08:58:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.08 19:20:35 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008.12.30 15:37:49 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2008.12.27 19:48:28 | 000,010,752 | -H-- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.27 16:33:14 | 000,048,734 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2008.11.07 17:33:27 | 000,048,734 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2008.11.07 17:32:54 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008.11.07 17:24:17 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2008.11.07 16:05:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.30 17:43:34 | 001,286,152 | ---- | C] () -- C:\Windows\System32\msxml4.dll
[2008.08.09 00:48:20 | 000,090,112 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.06.09 10:45:07 | 001,748,352 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.05.22 19:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.05.12 05:20:31 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.01.18 17:56:22 | 000,000,932 | ---- | C] () -- C:\Windows\hpomdl27.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,372,120 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
< End of report >
         
--- --- ---


Wie gesagt, ich habe keinerlei Ahnung von diesem Zeug und was mein kleiner Bruder (14) da gewerkelt hat.

Alt 14.06.2011, 10:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop - Standard

Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop



Zitat:
C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
Du hast ja schon Malwarebytes installiert, poste alle davon erstellten Logs.
__________________

__________________

Antwort

Themen zu Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop
32 bit, 7-zip, angezeigt, applaus, dankeschön, dateien, desktop, deutsche, entfernung, folge, folgende, forum, gfnexsrv.exe, helft, heute, install.exe, intranet, leerer desktop, logfiles, microsoft office word, morgen, neu, nvlddmkm.sys, office 2007, oldtimer, otl.txt, picasa, plug-in, probleme, recovery, sched.exe, schonmal, schwarz, searchplugins, security update, shell32.dll, start menu, suche, super, thema, trojaner, usb 2.0, version, vista, windows, ähnliches




Ähnliche Themen: Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop


  1. Probleme im Internet nach der Entfernung eines Trojaners
    Diskussionsforum - 09.08.2015 (16)
  2. immer leerer Desktop nach dem 'Gema-Virus'
    Log-Analyse und Auswertung - 08.12.2011 (28)
  3. Probleme nach Entfernung des BKA-Trojaners
    Plagegeister aller Art und deren Bekämpfung - 03.12.2011 (21)
  4. Nach Entfernung des Bundespolizei-Trojaners (jashla.exe) startet der Windows-Explorer nicht mehr
    Log-Analyse und Auswertung - 17.08.2011 (4)
  5. Nach Windows-Recovery-Entfernung: Fehlermeldung (404) beim Surfen
    Log-Analyse und Auswertung - 11.07.2011 (31)
  6. Nach Entfernung von Windows Recovery Virus noch Reste in der Registry
    Plagegeister aller Art und deren Bekämpfung - 09.07.2011 (9)
  7. Windows Recovery: Desktopprobleme nach Entfernung mit Malwarebyte und OTL
    Plagegeister aller Art und deren Bekämpfung - 07.07.2011 (18)
  8. Nach Entfernung von Vista Recovery: Daten weg (?)
    Plagegeister aller Art und deren Bekämpfung - 14.06.2011 (3)
  9. Windows Vista wieder sauber nach entfernen von Vista Recovery?
    Log-Analyse und Auswertung - 14.06.2011 (5)
  10. Problem nach entfernung des Windows Recovery Virus :(
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (5)
  11. Windows recovery - leerer Desktop trotz unhide & Loganalyse
    Log-Analyse und Auswertung - 07.05.2011 (19)
  12. Leerer Desktop nach Entfernung von Windows Recovery durch Malewarebytes
    Log-Analyse und Auswertung - 01.05.2011 (7)
  13. Computer startet nicht nach Entfernung von Windows Recovery Virus
    Plagegeister aller Art und deren Bekämpfung - 27.04.2011 (38)
  14. Nach Windows Recovery Befall kein Zugriff mehr auf Dateisystem/Desktop
    Plagegeister aller Art und deren Bekämpfung - 12.04.2011 (29)
  15. Nach Entfernung von Windows Recovery sind Dateien unsichtbar
    Plagegeister aller Art und deren Bekämpfung - 23.03.2011 (1)
  16. Nach Entfernung eines Keyloggers + Trojaners
    Plagegeister aller Art und deren Bekämpfung - 11.09.2009 (39)
  17. RUNDLL-Fehlermeldung nach Entfernung eines Trojaners
    Plagegeister aller Art und deren Bekämpfung - 24.05.2007 (15)

Zum Thema Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop - Hallo! Ich bin ganz neu in diesem Forum, was mir schon vor meiner Registration super geholfen hat. Dafür schonmal ein riesiges Dankeschön So konnte ich nämlich heute morgen diesen dämlichen - Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop...
Archiv
Du betrachtest: Vista: Nach Entfernung des Trojaners Windows Recovery leerer Desktop auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.