|
Plagegeister aller Art und deren Bekämpfung: Kann Taskmanager nicht startenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.12.2011, 20:21 | #1 |
| Kann Taskmanager nicht starten ich habe den ukash virus bekommen und habe von AgentSmith1 tipps bekommen wie ich es wegbekomme. ich habe zuerst das programm "tdsskiller" runtergeladen und es anschließend gestartet. danach habe ich avira de cleaner runtergeladen und ebenfals gestartet. beide programme haben meinen gesammten pc nach viren durchsucht und alle gelöscht. dann hat mein pc wieder normal funktioniert, aber der Taskmanager funktioniert nicht und ich weiß nicht woran das liegt deswegen wollte ich fragen ob ihr mir vll helfen könnt ? Vielen Dank schon mal im vorraus =) |
11.12.2011, 21:14 | #2 |
| Kann Taskmanager nicht starten Hi,
__________________wird von ukash disabled... Poste mal ein OTL-Log... OTL Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop * Doppelklick auf die OTL.exe * Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen * Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output * Unter Extra Registry, wähle bitte Use SafeList * Klicke nun auf Run Scan links oben * Wenn der Scan beendet wurde werden 2 Logfiles erstellt * Poste die Logfiles hier in den Thread. chris
__________________ |
11.12.2011, 21:43 | #3 |
| Kann Taskmanager nicht starten OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 11.12.2011 21:27:17 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Latif\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 21,13% Memory free 8,00 Gb Paging File | 4,29 Gb Available in Paging File | 53,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,87 Gb Total Space | 283,22 Gb Free Space | 61,72% Space Free | Partition Type: NTFS Drive D: | 458,87 Gb Total Space | 458,58 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: LATIF-PC | User Name: Latif | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Latif\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Latif\Downloads\iBot.exe (iBot) PRC - c:\program files (x86)\silkroad\sro_client.exe () PRC - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Users\Latif\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Fraps\fraps.exe (Beepa P/L) PRC - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe () PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer) PRC - C:\Users\Latif\Desktop\SilkTool.exe (Fossinator) ========== Modules (No Company Name) ========== MOD - c:\program files (x86)\silkroad\sro_client.exe () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll () MOD - C:\Users\Latif\Downloads\iBot.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Users\Latif\AppData\Local\Google\Chrome\Application\6.0.472.63\pdf.dll () MOD - C:\Users\Latif\AppData\Local\Google\Chrome\Application\6.0.472.63\avutil-50.dll () MOD - C:\Users\Latif\AppData\Local\Google\Chrome\Application\6.0.472.63\avformat-52.dll () MOD - C:\Users\Latif\AppData\Local\Google\Chrome\Application\6.0.472.63\avcodec-52.dll () MOD - C:\Users\Latif\AppData\Local\Google\Chrome\Application\6.0.472.63\gcswf32.dll () MOD - C:\Users\Latif\Downloads\edxSilkroadDll5.dll () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.) SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe () SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe () SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe () SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17361010s907pe438x1m5w44i1t20s IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17361010s907pe438x1m5w44i1t20s IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17361010s907pe438x1m5w44i1t20s IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17361010s907pe438x1m5w44i1t20s IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "iLivid Web Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.1&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPGameWebStarter: C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll (WEBZEN) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.30 21:57:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.22 17:51:17 | 000,000,000 | ---D | M] [2011.09.11 11:48:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Latif\AppData\Roaming\mozilla\Extensions [2011.12.08 19:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions [2011.12.08 19:59:18 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f} [2011.12.08 19:59:43 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.12.08 19:59:59 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.10.13 14:31:42 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2010.10.05 23:01:45 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.07.04 14:54:25 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2011.07.09 22:38:06 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2011.04.16 00:27:41 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\engine@conduit.com [2011.08.15 18:20:27 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\ffxtlbr@babylon.com [2011.09.04 20:48:12 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\ffxtlbr@Facemoods.com [2011.11.11 15:17:49 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\plugin@yontoo.com [2011.11.29 17:58:50 | 000,000,000 | ---D | M] ("Nero Toolbar") -- C:\Users\Latif\AppData\Roaming\mozilla\Firefox\Profiles\vy4h9v67.default\extensions\toolbar@ask.com [2011.08.31 10:25:08 | 000,000,917 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\conduit.xml [2011.12.10 01:27:38 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-1.xml [2011.09.16 14:16:42 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-10.xml [2011.09.19 16:37:52 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-11.xml [2011.10.05 17:44:14 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-12.xml [2011.11.15 18:31:15 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-13.xml [2011.12.10 01:38:05 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-14.xml [2011.04.01 15:49:34 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-2.xml [2011.04.30 18:34:22 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-3.xml [2011.05.04 19:04:53 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-4.xml [2011.05.04 19:05:43 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-5.xml [2011.06.26 14:08:33 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-6.xml [2011.07.10 23:13:12 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-7.xml [2011.09.02 23:56:27 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-8.xml [2011.09.06 15:47:06 | 000,000,950 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin-9.xml [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\icqplugin.xml [2011.10.13 14:23:49 | 000,002,516 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\SearchResults.xml [2011.07.09 22:37:43 | 000,003,915 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\SweetIM Search.xml [2011.07.09 22:37:59 | 000,003,915 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Mozilla\Firefox\Profiles\vy4h9v67.default\searchplugins\sweetim.xml [2011.11.23 18:34:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.11.07 21:56:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011.11.23 18:34:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.05.22 17:22:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} () (No name found) -- C:\USERS\LATIF\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VY4H9V67.DEFAULT\EXTENSIONS\{2BFC8624-5B8A-4060-B86A-E78CCBC38509}.XPI [2011.09.30 21:57:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 04:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.09.30 21:57:45 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.30 21:57:45 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.09.30 21:57:45 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.09.30 21:57:45 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.13 14:23:49 | 000,002,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml [2011.09.30 21:57:45 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.30 21:57:45 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Web Search () CHR - default_search_provider: search_url = hxxp://www.searchqu.com/web?src=crb&appid=119&systemid=406&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - Extension: Facemoods = C:\Users\Latif\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\ CHR - Extension: ICQ Sparberater = C:\Users\Latif\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo\1.3.668_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WI3C8A~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.) O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC) O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\prxtbWinl.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files (x86)\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc) O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Latif\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [Corel Photo Downloader] "c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup File not found O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Users\Latif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_all.htm () O8:64bit: - Extra context menu item: &Mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_link.htm () O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Latif\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_all.htm () O8 - Extra context menu item: &Mit FlashGet laden - C:\Program Files (x86)\FlashGet\jc_link.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Latif\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Windows\SysNative\nvLsp64.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {5C1B293E-DA77-4AFF-8B52-63DEF8C8A071} hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/NMAutoUpdateX_1.0.1.1_20091109.cab (NetmarbleAutoUpdater Class) O16 - DPF: {89F434A7-4A49-4394-AC02-007480331AE2} hxxp://download.netmarble.net/ActiveX/NMAutoUpdateX/SystemIDInfo/NMSystemIDInfo_1.0.0.1.cab (NetmarbleSystemIDInfo Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} hxxp://download.netmarble.net/kdefence/100929/kdfense8.cab (Kdfense8 Control) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll File not found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest - No CLSID value found O18 - Protocol\Handler\sacore - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\datamngr.dll) -c:\progra~2\wi3c8a~1\datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\iebho.dll) -c:\progra~2\wi3c8a~1\datamngr\iebho.dll (Bandoo Media, inc) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.10 17:06:54 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.12.11 21:24:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Latif\Desktop\OTL.exe [2011.12.09 17:35:33 | 001,024,760 | ---- | C] (Fossinator) -- C:\Users\Latif\Desktop\SilkTool.exe [2011.12.08 16:44:47 | 001,577,776 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Latif\Desktop\tdsskiller.exe [2011.12.07 22:41:22 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\{02FC8308-1546-47F3-8555-E57F6B269934} [2011.12.07 22:40:57 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\{65A4CA1C-BB40-4CB1-B028-E1E64CF08FCC} [2011.12.07 22:15:31 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\{044112C4-B751-4A83-BD2B-236DA3616A25} [2011.12.05 17:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue [2011.12.05 17:52:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10 [2011.12.05 17:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink [2011.12.05 16:59:29 | 000,000,000 | ---D | C] -- C:\Users\Latif\Documents\MAGIX_MusicEditor [2011.12.02 17:06:34 | 000,000,000 | ---D | C] -- C:\Users\Latif\Desktop\WOI_SETUP_V230_1125 [2011.12.02 17:06:12 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\PMB Files [2011.12.02 17:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.12.02 17:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.11.23 20:53:25 | 000,000,000 | ---D | C] -- C:\Users\Latif\Documents\Meine Bewerbungen [2011.11.23 18:38:27 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Roaming\OpenOffice.org [2011.11.23 18:36:23 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011.11.23 18:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.11.23 18:33:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.11.23 18:33:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.11.23 18:33:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.11.23 18:32:18 | 000,000,000 | ---D | C] -- C:\Users\Latif\Desktop\OpenOffice.org 3.3 (de) Installation Files [2011.11.21 19:31:39 | 000,000,000 | ---D | C] -- C:\Users\Latif\Desktop\Verlag Europa-Lehrmittel [2011.11.21 19:28:52 | 000,232,464 | ---- | C] (Software FX, Inc.) -- C:\Windows\SysWow64\CHART2FX.VBX [2011.11.21 19:28:52 | 000,081,920 | ---- | C] (Borland International) -- C:\Windows\SysWow64\BIVBX11.DLL [2011.11.21 19:28:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Verlag Europa-Lehrmittel [2011.11.21 19:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa [2011.11.18 23:32:26 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\cache [2011.11.18 23:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011.11.18 23:15:55 | 000,000,000 | ---D | C] -- C:\Users\Latif\Documents\Inventor [2011.11.18 23:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2011.11.18 23:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [2011.11.18 23:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared [2011.11.18 23:02:56 | 000,000,000 | ---D | C] -- C:\Users\Latif\AppData\Local\Autodesk [2011.11.18 23:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk [2011.11.18 23:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk [2011.11.18 23:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared [2011.11.18 22:59:30 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2011.11.18 22:59:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2011.11.18 22:59:28 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2011.11.18 22:59:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2011.11.18 22:59:26 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011.11.18 22:59:26 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2011.11.18 22:59:22 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2011.11.18 22:59:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2011.11.17 15:38:30 | 000,000,000 | ---D | C] -- C:\Users\Latif\Desktop\mustafa [2011.11.12 14:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011.05.30 13:08:45 | 001,226,792 | ---- | C] (Perfect world) -- C:\Program Files (x86)\install.exe [2011.05.30 13:08:42 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\unicows.dll [2011.05.30 13:08:04 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\Program Files (x86)\ijl15.dll [2009.10.17 03:04:41 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\Latif\Desktop\*.tmp files -> C:\Users\Latif\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.12.11 21:25:01 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Latif\Desktop\OTL.exe [2011.12.11 21:17:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.12.11 20:52:43 | 663,982,605 | ---- | M] () -- C:\Users\Latif\Desktop\EGSRO.part2.rar [2011.12.11 20:25:27 | 681,574,400 | ---- | M] () -- C:\Users\Latif\Desktop\EGSRO.part1.rar [2011.12.11 20:17:05 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.12.11 17:48:01 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.12.11 17:48:01 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.12.11 17:40:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.12.11 17:40:25 | 3220,082,688 | -HS- | M] () -- C:\hiberfil.sys [2011.12.10 16:58:31 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.12.10 16:58:31 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.12.10 16:58:31 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.12.10 16:58:31 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.12.10 16:58:31 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.12.08 19:52:49 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.12.08 16:45:05 | 001,577,776 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Latif\Desktop\tdsskiller.exe [2011.12.07 21:36:03 | 000,001,055 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.18328747837283144.exe.lnk [2011.12.06 23:38:01 | 000,001,708 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk [2011.12.06 16:17:27 | 000,000,600 | ---- | M] () -- C:\Users\Latif\PUTTY.RND [2011.12.05 18:27:27 | 000,235,296 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2011.12.02 19:36:50 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\War of the Immortals.lnk [2011.11.29 14:56:06 | 002,162,254 | ---- | M] () -- C:\Users\Latif\Desktop\IMG206.jpg [2011.11.29 14:56:04 | 002,062,923 | ---- | M] () -- C:\Users\Latif\Desktop\IMG205.jpg [2011.11.29 14:55:54 | 002,116,082 | ---- | M] () -- C:\Users\Latif\Desktop\IMG204.jpg [2011.11.29 14:55:49 | 001,966,787 | ---- | M] () -- C:\Users\Latif\Desktop\IMG202.jpg [2011.11.29 14:55:45 | 001,964,639 | ---- | M] () -- C:\Users\Latif\Desktop\IMG203.jpg [2011.11.29 14:55:38 | 001,970,069 | ---- | M] () -- C:\Users\Latif\Desktop\IMG201.jpg [2011.11.29 14:53:27 | 001,897,547 | ---- | M] () -- C:\Users\Latif\Desktop\IMG199.jpg [2011.11.29 14:53:20 | 001,907,839 | ---- | M] () -- C:\Users\Latif\Desktop\IMG198.jpg [2011.11.25 13:48:43 | 000,013,533 | ---- | M] () -- C:\Users\Latif\Desktop\getriebe_produktion-c.jpg [2011.11.24 16:24:18 | 000,525,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.11.23 18:39:30 | 000,001,243 | ---- | M] () -- C:\Users\Latif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011.11.23 18:36:23 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.11.23 18:31:54 | 168,166,968 | ---- | M] () -- C:\Users\Latif\Desktop\OOo_3.3.0_Win_x86_install-wJRE_de.exe [2011.11.21 19:28:49 | 000,000,168 | ---- | M] () -- C:\Windows\ptkfz.INI [2011.11.21 15:55:27 | 001,589,618 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.18 23:17:40 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk [2011.11.18 23:11:01 | 000,000,153 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.11.18 23:08:14 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2012 - Deutsch.lnk [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\Latif\Desktop\*.tmp files -> C:\Users\Latif\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.11 20:30:26 | 663,982,605 | ---- | C] () -- C:\Users\Latif\Desktop\EGSRO.part2.rar [2011.12.11 20:04:06 | 681,574,400 | ---- | C] () -- C:\Users\Latif\Desktop\EGSRO.part1.rar [2011.12.07 21:36:03 | 000,001,055 | ---- | C] () -- C:\Users\Latif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0.18328747837283144.exe.lnk [2011.12.05 18:27:27 | 000,235,296 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.12.05 17:52:27 | 000,001,708 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk [2011.12.02 19:36:50 | 000,000,958 | ---- | C] () -- C:\Users\Public\Desktop\War of the Immortals.lnk [2011.11.29 14:54:05 | 002,162,254 | ---- | C] () -- C:\Users\Latif\Desktop\IMG206.jpg [2011.11.29 14:53:53 | 002,062,923 | ---- | C] () -- C:\Users\Latif\Desktop\IMG205.jpg [2011.11.29 14:53:48 | 002,116,082 | ---- | C] () -- C:\Users\Latif\Desktop\IMG204.jpg [2011.11.29 14:53:41 | 001,966,787 | ---- | C] () -- C:\Users\Latif\Desktop\IMG202.jpg [2011.11.29 14:53:35 | 001,964,639 | ---- | C] () -- C:\Users\Latif\Desktop\IMG203.jpg [2011.11.29 14:53:28 | 001,970,069 | ---- | C] () -- C:\Users\Latif\Desktop\IMG201.jpg [2011.11.29 14:53:21 | 001,897,547 | ---- | C] () -- C:\Users\Latif\Desktop\IMG199.jpg [2011.11.29 14:53:14 | 001,907,839 | ---- | C] () -- C:\Users\Latif\Desktop\IMG198.jpg [2011.11.25 13:48:43 | 000,013,533 | ---- | C] () -- C:\Users\Latif\Desktop\getriebe_produktion-c.jpg [2011.11.23 18:39:30 | 000,001,243 | ---- | C] () -- C:\Users\Latif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011.11.23 18:36:23 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2011.11.23 18:26:34 | 168,166,968 | ---- | C] () -- C:\Users\Latif\Desktop\OOo_3.3.0_Win_x86_install-wJRE_de.exe [2011.11.21 19:28:53 | 000,402,432 | ---- | C] () -- C:\Windows\SysWow64\C4fox.dll [2011.11.21 19:28:53 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\MDI16KH.DLL [2011.11.21 19:28:52 | 000,572,206 | ---- | C] () -- C:\Windows\SysWow64\_C6DBDLL.DLL [2011.11.21 19:28:49 | 000,000,168 | ---- | C] () -- C:\Windows\ptkfz.INI [2011.11.18 23:17:40 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Inventor Fusion 2012.lnk [2011.11.18 23:11:01 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.11.18 23:08:14 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2012 - Deutsch.lnk [2011.11.18 22:51:56 | 001,589,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.11.11 15:35:59 | 000,008,192 | ---- | C] () -- C:\Users\Latif\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.11.11 15:34:32 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.11.11 15:34:32 | 000,000,088 | RHS- | C] () -- C:\ProgramData\9B34C26361.sys [2011.10.13 15:01:53 | 000,004,873 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [2011.09.05 21:12:42 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI [2011.08.24 15:23:18 | 000,000,502 | ---- | C] () -- C:\Windows\kaillera.ini [2011.08.14 01:42:39 | 000,000,000 | ---- | C] () -- C:\Users\Latif\AppData\Local\{E56FEF0F-5053-4AD6-AB98-B2FF21EC869A} [2011.05.30 13:08:37 | 000,763,189 | ---- | C] () -- C:\Program Files (x86)\setup5.jpg [2011.05.30 13:08:33 | 000,682,545 | ---- | C] () -- C:\Program Files (x86)\setup4.jpg [2011.05.30 13:08:29 | 000,758,423 | ---- | C] () -- C:\Program Files (x86)\setup3.jpg [2011.05.30 13:08:25 | 000,923,287 | ---- | C] () -- C:\Program Files (x86)\setup2.jpg [2011.05.30 13:08:21 | 000,656,303 | ---- | C] () -- C:\Program Files (x86)\setup1.jpg [2011.05.30 13:08:17 | 000,634,966 | ---- | C] () -- C:\Program Files (x86)\setup0.jpg [2011.05.30 13:08:14 | 000,081,803 | ---- | C] () -- C:\Program Files (x86)\Logo.jpg [2011.05.30 13:08:11 | 000,028,672 | ---- | C] () -- C:\Program Files (x86)\JPGI.dll [2011.05.30 13:08:08 | 000,004,856 | ---- | C] () -- C:\Program Files (x86)\install.ini [2011.05.30 12:28:40 | 1344,585,209 | ---- | C] () -- C:\Program Files (x86)\data2.pck [2011.05.30 11:28:19 | 2097,169,864 | ---- | C] () -- C:\Program Files (x86)\data1.pck [2011.05.30 11:28:12 | 000,917,568 | ---- | C] () -- C:\Program Files (x86)\check.md [2011.05.30 11:28:10 | 000,000,044 | ---- | C] () -- C:\Program Files (x86)\AutoRun.inf [2010.10.06 15:33:21 | 000,000,000 | ---- | C] () -- C:\Users\Latif\AppData\Roaming\wklnhst.dat [2010.10.02 20:43:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.04.27 08:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2006.10.10 18:27:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== Alternate Data Streams ========== @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4D066AD2 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AB689DEA @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:5D7E5A8F @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E1F04E8D @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E3C56885 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABE89FFE @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444C53BA @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0B9176C0 < End of report > |
11.12.2011, 21:43 | #4 |
| Kann Taskmanager nicht starten OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.12.2011 21:27:17 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Latif\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 21,13% Memory free 8,00 Gb Paging File | 4,29 Gb Available in Paging File | 53,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,87 Gb Total Space | 283,22 Gb Free Space | 61,72% Space Free | Partition Type: NTFS Drive D: | 458,87 Gb Total Space | 458,58 Gb Free Space | 99,94% Space Free | Partition Type: NTFS Computer Name: LATIF-PC | User Name: Latif | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{03136F9A-A046-B531-412F-C205BD64316C}" = ATI Catalyst Install Manager "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{111ABAC1-37EA-7E8C-C9E6-AB80915EEDD3}" = ATI AVIVO64 Codecs "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5783F2D7-A001-0407-0102-0060B0CE6BBA}" = AutoCAD 2012 - Deutsch "{5783F2D7-A001-0407-1102-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Deutsch "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{A5EC1C89-DA8E-DD40-5157-530A1C2E500B}" = ccc-utility64 "{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012 "{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion Plugin for AutoCAD 2012 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012 "{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack "AutoCAD 2012 - Deutsch" = AutoCAD 2012 - Deutsch "Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012 "Autodesk Inventor Fusion Plugin for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "NewBlue Art Effects for PDR10" = Art Effects for PDR10 "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039137CA-30DC-1540-1E8C-33869CAEA7B2}" = CCC Help English "{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service "{098497EF-0004-FADA-7BD6-ABE17F1910FF}" = CCC Help Italian "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1104E2E0-9378-455d-9E0E-6235A4E52DB0}_is1" = ArchLord "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{165B6E55-1E3B-0929-66FF-77CCE0AD793C}" = Catalyst Control Center Graphics Light "{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar "{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{198573D8-60B3-4BBA-9B35-A8D2AFA8B5C0}" = MAGIX Music Maker 17 Premium (Sound package) "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1D1D2C61-5DF5-20BD-1CAE-995C7F09856A}" = CCC Help Greek "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E2D8EE2-6FE2-15C8-B091-0B80D8AB58A4}" = CCC Help Chinese Traditional "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1F9BE94D-A52E-C005-878F-A9AC4E7BD3FE}" = Catalyst Control Center Core Implementation "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 25 "{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2C193B20-9FAC-9AFB-EF0D-B9D57D59C427}" = CCC Help Turkish "{2C494A86-50CB-0C64-FB04-3993C4429DE5}" = CCC Help Norwegian "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance "{324BB225-2A79-E08A-2421-7A4F38BBF541}" = CCC Help Hungarian "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{359B81BB-C2FD-691B-65AB-EAC26A685BE4}" = Catalyst Control Center Graphics Full New "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3DC26E05-22CD-38E4-63FE-A752EF4E918C}" = CCC Help Korean "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{4D65780C-E307-1379-BAC8-B30E51363ECD}" = Catalyst Control Center Graphics Full Existing "{4E38B509-B471-A963-FB30-34E3D7F91421}" = Catalyst Control Center Localization All "{506E0320-F8A1-0983-09D9-33DFBBC425B4}" = CCC Help Chinese Standard "{511FA8D0-78BE-47F9-AEB0-CDF377E3064A}" = MAGIX Music Maker 17 Premium (Instrument package 1) "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress "{59A1E95E-D712-BF6B-5656-C690E1575B8D}" = Catalyst Control Center InstallProxy "{5D0BAA26-7D88-4343-A507-F439566E1DDD}" = MAGIX Music Maker 17 Premium (Instrument package 2) "{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE "{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012 "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{7024FFDC-0D2D-B3AE-6B52-AF1F5503D9FF}" = CCC Help Portuguese "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart "{799A321F-F3E8-4B04-8AF7-2CBB82E56169}" = MAGIX Speed burnR (MSI) "{79A2DA7D-5EA4-B8A6-52D6-75A8F94CA6C5}" = CCC Help Thai "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7DEAB00D-BE9B-8BE7-2941-76A6422B6F00}" = CCC Help Japanese "{7EDF7572-CC22-C22C-DF2B-BB28C14FBE4A}" = CCC Help Polish "{7EE9145D-C430-44E6-B5ED-61FF9C332101}_is1" = War of the Immortals "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10 "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19 "{888F8AC3-9E79-572B-4DF6-B30C3B82C4AB}" = CCC Help Czech "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console "{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{949DBB22-2FB7-4de1-804C-23D495A988D8}" = CuteFTP 8 Home "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58 "{97B4DF0B-7499-455F-AFBA-F70F64D6D86A}" = SweetIM for Messenger 3.5 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B8EAE18-A459-2045-FA53-72ED67AD9138}" = CCC Help French "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D134213-C5F4-4D55-9E36-FEB4C12FD27A}" = PC-Trainer Kfz-Technik "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A1194237-547A-461d-BD44-B97B1574A7DA}" = SweetIM Toolbar for Internet Explorer 4.1 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A85BD682-BB11-EFDD-9ED1-93758072FA2D}" = CCC Help Danish "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10 "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center "{B352D3F6-352B-4031-9C79-2C7A26062BBC}" = MAGIX Music Maker 17 Premium (Synthesizer and effects) "{B4B04CA4-25F6-4A20-B0CA-51FAEF566E94}" = MAGIX Screenshare "{B77D544F-6D58-B8E4-62F4-8704A59CD186}" = CCC Help Russian "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C58B395E-7C8F-F714-4A34-64520ED4E9DF}" = ccc-core-static "{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2734CE1-D0DD-9FEE-C5E6-038D442308F8}" = Catalyst Control Center Graphics Previews Vista "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D9144AC7-8565-B644-FB32-F38121545524}" = CCC Help German "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade "{DC5DAE33-52D3-40B2-B85A-0F93CBD78A69}" = MAGIX Music Maker 17 Premium Download-Version "{E07C281D-F796-DB19-AFD7-3D186DE2D45F}" = CCC Help Finnish "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{e30fce96-c91b-4f1f-af7b-1bf58fdbbf24}" = Nero 9 Essentials "{E4C27ADB-3345-4299-82F8-9250DFF47156}" = MAGIX Music Maker 17 Premium (Demo songs) "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer "{EB6C866D-1695-5781-7023-F1F806522213}" = CCC Help Spanish "{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter "{F4884EA7-CF31-4E87-B840-CFE161BD81D3}" = MAGIX Music Maker 17 Premium (Instrument package 3) "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit "{FB354938-180A-5AE5-9BAC-6E3D1557CF08}" = CCC Help Dutch "{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool "{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater "{FE383B51-D6DA-CCAB-5B01-2F2042F1FAE4}" = CCC Help Swedish "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface Service "Any Video Converter_is1" = Any Video Converter 3.3.0 "Avira AntiVir Desktop" = Avira Free Antivirus "BabylonToolbar" = Babylon toolbar on IE "conduitEngine" = Conduit Engine "DMO" = GDMO "DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar "facemoods" = Facemoods Toolbar "FlashGet" = FlashGet 1.9.6.1073 "Fraps" = Fraps (remove only) "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7 "Free Video to iPhone Converter_is1" = Free Video to iPhone Converter version 3.2.12 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Hotkey Utility" = Hotkey Utility "ICQToolbar" = ICQ Toolbar "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10 "kdefense" = K-Defense8 Control - Å°º¸µå º¸¾È "LogMeIn Hamachi" = LogMeIn Hamachi "MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download-Version "Movavi Video Converter 11" = Movavi Video Converter 11 "Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de) "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "PhotoScape" = PhotoScape "SearchCore for Browsers" = SearchCore for Browsers "Searchqu 406 MediaBar" = Windows iLivid Toolbar "Silkroad" = Silkroad "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 6" = TeamViewer 6 "Uninstall_is1" = Uninstall 1.0.0.1 "Veoh_Web_Player Toolbar" = Veoh Web Player Toolbar "VLC media player" = VLC media player 1.1.4 "WinLiveSuite" = Windows Live Essentials "Winload Toolbar" = Winload Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Google Chrome" = Google Chrome "PhotoFiltre" = PhotoFiltre ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 21.11.2011 12:48:50 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:48:51 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:48:57 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:48:57 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:49:02 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:49:02 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:50:31 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 21.11.2011 12:50:31 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 22.11.2011 10:55:02 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 23.11.2011 10:20:26 | Computer Name = Latif-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . [ System Events ] Error - 07.12.2011 16:41:40 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 07.12.2011 17:28:08 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 07.12.2011 23:58:51 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.12.2011 11:09:57 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.12.2011 14:47:51 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.12.2011 19:24:21 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 08.12.2011 19:30:15 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Windows Update" wurde nicht richtig gestartet. Error - 09.12.2011 09:49:33 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 10.12.2011 11:52:38 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 11.12.2011 12:40:43 | Computer Name = Latif-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > |
11.12.2011, 22:09 | #5 |
| Kann Taskmanager nicht starten Hi, askbar ist drauf, lasse es aber mal...
Code:
ATTFilter :OTL O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 @Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:4D066AD2 @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AB689DEA @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:5D7E5A8F @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:93DE1838 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:E1F04E8D @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:E3C56885 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:ABE89FFE @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:444C53BA @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0B9176C0 :Commands [emptytemp] [CREATERESTOREPOINT] [EMPTYFLASH] [Reboot]
Malwarebytes Antimalware (MAM) Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen: http://filepony.de/download-chameleon/ Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen") Fullscan und alles bereinigen lassen! Log posten. chris
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
11.12.2011, 22:30 | #6 |
| Kann Taskmanager nicht starten der taskmanager funktioniert wieder. soll ich das trotzdem mit dem Malwarebytes Anti-Malware machen ? |
11.12.2011, 22:36 | #7 |
| Kann Taskmanager nicht starten Hi, zur Sicherheit ja, ich habe das Log "überflogen"... chris
__________________ Don't bring me down Vor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
11.12.2011, 23:52 | #8 |
| Kann Taskmanager nicht starten danke für die hilfe ich find leider die log datei nich mehr deswegen kann ich den nich posten XD aber es hat alles funktioniert und der taskmanager geht auch wieder =) nochmals danke ^_^ |
Themen zu Kann Taskmanager nicht starten |
arten, avira, cleaner, durchsucht, frage, fragen, funktionier, funktioniert, funktioniert nicht, nicht starten, programm, programme, runtergeladen, schließe, starte, starten, taskma, taskmanager, tdsskiller, tipps, ukash, ukash virus, viren, virus, woran |