| |
| |||||||
Log-Analyse und Auswertung: Bundespolizei Virus 100€Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.03.2012, 22:43
| #1 |
| |  Bundespolizei Virus 100€ Windowsuptade 100 Euro Bundespolizei Virus 100€ trojaner OTL Logfile: Code:
ATTFilter OTL logfile created on: 24.03.2012 22:49:56 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bingöl\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,68 Gb Total Physical Memory | 6,75 Gb Available Physical Memory | 87,94% Memory free 15,36 Gb Paging File | 14,47 Gb Available in Paging File | 94,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 684,54 Gb Total Space | 609,61 Gb Free Space | 89,05% Space Free | Partition Type: NTFS Drive E: | 7,50 Gb Total Space | 1,54 Gb Free Space | 20,52% Space Free | Partition Type: FAT32 Computer Name: BINGÖL-PC | User Name: Bingöl | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.03.24 22:49:15 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Bingöl\Downloads\OTL.exe PRC - [2012.03.19 21:56:01 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ========== Modules (No Company Name) ========== MOD - [2012.03.19 21:56:01 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011.12.25 01:05:00 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ========== Win32 Services (SafeList) ========== SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.07.03 20:09:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.13 18:31:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.10.27 21:02:56 | 001,620,584 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.08.10 10:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.06.11 14:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.05.27 04:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.04.13 18:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.03.18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.11.02 12:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.07.03 20:09:42 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.03 20:09:42 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.10 07:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl) DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.10.28 03:06:00 | 000,024,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.22 02:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.08.25 18:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.07.09 04:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2010.06.21 10:45:56 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.06.03 20:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010.05.15 14:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2010.04.20 03:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2010.04.13 18:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.04.13 11:15:04 | 000,135,560 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.02.27 00:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.02 12:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\SearchScopes,DefaultScope = {F373571C-3CC0-450A-9C06-BF62B028B947} IE - HKCU\..\SearchScopes\{F373571C-3CC0-450A-9C06-BF62B028B947}: "URL" = hxxp://search.softonic.com/MON00015/tb_v1?q={searchTerms}&SearchSource=4&cc= IE - HKCU\..\SearchScopes\{F4514CA2-E6B4-4B94-9EB9-0999FE5F3974}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Bingöl\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.19 21:56:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.02.18 21:47:28 | 000,000,000 | ---D | M] [2012.02.18 21:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bingöl\AppData\Roaming\mozilla\Extensions [2012.02.18 21:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.03.19 21:56:01 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2011.10.20 03:42:12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.16 12:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.16 11:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.16 12:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.16 12:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.16 12:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.16 12:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [Facebook Update] C:\Users\Bingöl\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [Update] C:\Users\Bingöl\AppData\Roaming\0.6234948104388318.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Bingöl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bingöl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Bingöl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bingöl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3731DCB1-C0F4-49A3-BF32-1DFF6F9972A8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EA68F5A-0C86-47D5-87EB-E9B369B9AAB8}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4046A7FF-2699-462C-913A-7A28C3454144}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.03.24 22:38:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6456B680-C7AF-47D0-AD4A-6BEE8B0E14FA} [2012.03.24 22:38:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5A83224E-2AA6-4AD0-A6FD-2439EB9FB025} [2012.03.24 21:52:52 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DC1280FF-461C-4E87-97C0-7681FBF635E2} [2012.03.24 21:52:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F26E6375-BE4C-48BA-99DD-686FE9AC3F81} [2012.03.24 19:51:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A13A88C8-7A76-46F5-8C09-7032133B5FA4} [2012.03.24 19:51:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{ADED043E-375E-4C65-BFEC-9A7B658748F5} [2012.03.24 10:12:53 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7D671DCE-F17B-47A1-BA1A-A1104D808579} [2012.03.24 10:12:36 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C05993A2-3C17-403F-969D-9FCA0BD85FCB} [2012.03.23 23:38:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CFFB0A59-4595-46FB-8C81-3794A8F0E800} [2012.03.23 23:38:46 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F68BE879-12DF-4725-85D7-67A82F93C04E} [2012.03.23 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DA3EC927-BCFC-45D3-8E27-BE4FBC2D1698} [2012.03.23 20:24:10 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9398865F-0FDE-402A-8719-CA9B25783FE4} [2012.03.23 18:29:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{492D470C-50C1-474C-8B68-DC394F2ED550} [2012.03.23 18:29:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{73495D02-8E9B-4349-87E6-D230A90BE9B1} [2012.03.23 17:00:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DF5BA59A-A8A8-4596-872E-D4199EA37176} [2012.03.23 17:00:16 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C8ECB52F-5548-43E6-8220-9157F7B326F7} [2012.03.23 16:36:55 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{06C8622D-7C2A-400E-BF74-17552ADDEEDC} [2012.03.23 16:36:44 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F28B7388-D62F-4F1A-86DF-58169E9DFF42} [2012.03.23 15:28:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Roaming\FileZilla [2012.03.23 15:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2012.03.23 15:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2012.03.23 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C2184BC8-A43E-4168-8AA7-59B229701C2F} [2012.03.23 15:27:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9B1C0EF3-5C21-4F2E-97EE-F82415777720} [2012.03.22 21:28:08 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8E7CC0F2-7025-4938-BA5E-A0C67930AE73} [2012.03.22 21:27:58 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F61A6236-1E38-447C-BF58-654889BFA700} [2012.03.21 22:49:39 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\Facebook [2012.03.21 21:48:01 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8E794847-2A19-4844-A29D-48007F08ABD9} [2012.03.21 21:47:50 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6AA71A3D-E0F3-457E-9660-FB8BC9BC363D} [2012.03.21 18:32:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F87C3E06-4CBF-4BFB-891A-5E6A9072BBEC} [2012.03.21 18:32:14 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{32C391B9-754B-4791-B9C8-264E43949012} [2012.03.21 11:02:41 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E7EDCB97-334F-4F6B-AE3E-5A09AC0BA2EB} [2012.03.21 11:01:01 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{31C35B13-53F3-41F2-B509-3401B9F1B564} [2012.03.20 23:51:06 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5D1B67B1-BB65-4698-9981-DF11B9833886} [2012.03.20 23:50:52 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E1000213-9C63-4EA4-8173-E18A0B16C0FD} [2012.03.20 15:59:32 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{BA137F1C-0265-479A-9CC8-6285A4B59CA3} [2012.03.20 15:59:21 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{388837D3-7662-4D6F-A70B-3EFF2C25404B} [2012.03.20 13:00:05 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F455EE3A-B696-4BFF-A8D3-52B69A8C0554} [2012.03.20 12:59:54 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DCDC6F35-9D1B-4033-BB56-85B41249BD39} [2012.03.20 09:18:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A4DE5A33-9DE8-4EA6-9C3E-8FD72AA6BC4A} [2012.03.20 09:18:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D398854D-0EE3-42D2-B5E8-478C42BB826A} [2012.03.19 22:09:51 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B55BF828-ADBD-4C19-A3C6-CDB0BB14035D} [2012.03.19 22:09:41 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DA6F90B4-8760-413D-9AEA-5BAF11CF308A} [2012.03.19 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{46F1027A-A8E1-41DC-B632-126C6D7B9F0F} [2012.03.19 21:55:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7B32C1D6-A0F9-4F25-8777-010D582304AA} [2012.03.19 20:22:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{67339CF3-AD31-4824-9E6C-18838C025231} [2012.03.19 20:22:05 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{63688D47-205C-4241-8686-36B6CEF5BDEC} [2012.03.19 18:53:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5FBD7AFD-0246-4553-AC49-BE9FA3C6FDB8} [2012.03.19 18:53:04 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{33DCC59C-7A60-4157-93D1-C0D40E15BB0B} [2012.03.19 18:09:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{01DECAAA-9795-4BFB-B741-D04BED96B65B} [2012.03.19 18:09:08 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D56BEFFF-CBB8-4CFD-BCCB-F65D0DB70488} [2012.03.19 17:18:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{EC7A7CDA-46C5-4821-BC19-20A576176F7F} [2012.03.19 17:18:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E8488707-E1D8-4BED-B508-D5F7AF2E2CEC} [2012.03.19 12:47:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{4F39774B-04B5-4429-A748-BDCA284AE2D0} [2012.03.19 12:45:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{09CCB4DA-AC10-43A3-9ECD-5B2D03E8D443} [2012.03.18 22:26:59 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{83E848DF-229C-4FE9-9E93-00F2032F28D0} [2012.03.18 22:26:49 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9D45FB23-FE8B-4D1F-B7DE-1F0377CC0504} [2012.03.18 15:46:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C0BF8B04-6BA4-4574-85CF-740F55CE35BD} [2012.03.18 15:46:46 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B5B0596A-50DE-4DD0-9917-DEED394D2BD4} [2012.03.18 14:22:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{07A54C46-5569-4D8A-9691-5C2A9C2FA23A} [2012.03.18 14:22:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2A050203-5BD3-4217-A247-391D00C442B2} [2012.03.17 23:55:32 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{22A02F6D-8C73-440E-92C5-D243865CDF75} [2012.03.17 23:55:21 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C7903A8E-7C72-4166-92CE-46B530234230} [2012.03.17 20:46:50 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7B9E7988-10CF-42A9-8AB0-05ED6DCE40FF} [2012.03.17 20:46:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{659F2D70-63AA-4EF8-87E5-883F9EC7FC3C} [2012.03.17 19:27:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E46C8E58-51C5-452D-ACA3-7E2C00C1E12D} [2012.03.17 19:27:06 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A068AAE5-FFCD-4DA2-B7B2-4A77BCC3EF09} [2012.03.17 15:10:48 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5824E2DB-75E1-4144-8AB5-2B0404F377C0} [2012.03.17 15:10:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{47391408-D1D7-47FB-8B34-E74D92BB99D2} [2012.03.17 12:09:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3BE7A87D-1327-47C0-A5F7-FE2AB931A358} [2012.03.17 12:09:02 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8AFE1771-CA00-4B24-A6F1-F42F84D387EE} [2012.03.17 00:04:49 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{361011C6-4D1F-47CA-806D-7160C27F858C} [2012.03.17 00:04:38 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{94046FDB-8D07-4486-8FC4-58C97A58832A} [2012.03.16 19:31:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8C7ACD52-6545-4AC0-B579-83FF8E5DFE8F} [2012.03.16 19:30:59 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A6339EED-2472-4809-A53A-A27FAE28A146} [2012.03.16 18:16:55 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{1B3E82AC-CD26-4D87-AEA0-CEB10F156626} [2012.03.16 18:16:43 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{BB741C2F-8A9D-4775-8494-A3209F8AC165} [2012.03.16 16:03:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C6D124B1-0D3B-4E45-8E48-4749B08A5C0D} [2012.03.16 16:02:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{681A3D3C-F00C-45DB-877B-384516E5B809} [2012.03.15 22:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8032FC1F-8B61-4E82-B093-2E31748B77BB} [2012.03.15 22:45:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{95BB48C9-DA0B-4D5E-B2B9-4C3975B2DAEF} [2012.03.15 21:51:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{ABD23FCE-5820-4A34-999F-EC8B1FA25ADC} [2012.03.15 21:51:08 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A9AA6A78-1614-43A5-BFA1-7F46EC8C0140} [2012.03.15 16:25:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{EE80FEE7-688D-48D4-9B0E-55E173387AFC} [2012.03.15 16:25:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8B2CA4E3-8711-4371-80F3-716554AD0C27} [2012.03.15 13:13:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C7565C38-CADC-429D-BFD2-5129A6DF1D43} [2012.03.15 13:13:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{80C5C148-0685-4E89-9EC8-45A47C8CDD35} [2012.03.15 11:43:54 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E7DA1421-484D-4BCC-974B-461022015408} [2012.03.15 11:43:43 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B65D9D38-23DB-4113-9312-C2206F511B1F} [2012.03.14 22:47:06 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{4941EA5A-1911-4B64-80D4-1D163DB0C333} [2012.03.14 22:46:56 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{AA1DB608-14E8-4CD3-A86E-2AE84EA9E39C} [2012.03.14 20:47:00 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{22E85B20-7BBA-4B58-BCCF-88B87D41FC67} [2012.03.14 20:46:49 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3D67A865-7070-4344-90F9-B35904699B88} [2012.03.14 16:28:54 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{42E79D41-78FA-4762-8D6E-657383935E00} [2012.03.14 16:28:43 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{1A434865-39DE-4663-BAE8-B0C0324E166C} [2012.03.14 16:21:58 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.03.14 16:21:57 | 003,957,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.03.14 16:21:55 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.03.14 13:17:10 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{04103D1B-4DB9-4FA7-82A5-BD47BC07A2AA} [2012.03.14 13:16:59 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9289F88F-49B7-460A-B13A-E624BDA4694A} [2012.03.14 11:15:21 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.03.14 11:15:20 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2012.03.14 11:15:20 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2012.03.14 11:15:20 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2012.03.14 11:15:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2012.03.14 11:14:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.03.14 11:14:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.03.14 11:14:45 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.03.14 11:14:44 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012.03.14 11:14:44 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012.03.14 11:10:02 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{31B9C03C-C071-47C6-9BA9-AEAB3250D990} [2012.03.14 11:09:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{4CC21B5D-8570-4047-AF59-FC6381B588AC} [2012.03.14 02:44:11 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F2506281-AD8E-47E7-9302-5535A3731F60} [2012.03.14 02:44:01 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{ED199EF4-D289-4171-B744-239F2FC6A9CC} [2012.03.13 22:50:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D3427368-9B44-4B4F-816E-7FFE2F45BF0D} [2012.03.13 22:50:29 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3D19CA1E-F59F-4850-923C-3A5F39A20CBC} [2012.03.13 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{1583212E-956A-4950-A404-82260464260B} [2012.03.13 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B22C3E64-DD6D-4C94-8893-DC9D84CA6592} [2012.03.13 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E1F0A5BE-7F65-4CF0-ADC1-6CACC973EF78} [2012.03.13 15:43:39 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B1DDFA2A-DC02-425F-BD0E-57C97748EB4C} [2012.03.12 22:31:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2D213852-F260-450A-905E-F7E86A55C0B7} [2012.03.12 22:31:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CE1F0BC4-2FEB-4125-AEE4-3218403168D2} [2012.03.12 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{955B7676-EF91-4936-AF13-50BAC097EE74} [2012.03.12 21:33:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2B2DD031-75AA-40DE-9155-0CC3EBEC2A17} [2012.03.12 18:53:26 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9B0E258E-1737-48B3-8D23-98E26052A36B} [2012.03.12 18:53:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C6503FD1-E0C5-4B53-852E-1808B824E51A} [2012.03.12 18:20:41 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F37E67F5-C962-4149-91F8-3B53180B6219} [2012.03.12 18:20:31 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7B337E95-C33C-4F56-8E0A-AA8357F93699} [2012.03.11 22:14:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3ECB9700-F861-4A6E-9D86-32D0D2831FDA} [2012.03.11 22:14:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2C23E2DC-CC49-4BE4-B69F-3E8CF9BBB88A} [2012.03.11 21:53:35 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8DA531A3-B276-45E3-84B6-4A7C4426ACA9} [2012.03.11 21:53:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\Desktop\Neuer Ordner [2012.03.11 21:53:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C585AEF1-FB8F-492D-9645-D37101420578} [2012.03.11 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{1A924678-5A3F-42AD-9288-C6CB6AF32639} [2012.03.11 20:53:23 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{41415214-80DD-4F29-ADD9-D4FF4C0D6FB5} [2012.03.11 17:18:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{FD9EA0CC-4BD1-4A99-9029-71A9583F4285} [2012.03.11 17:18:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6C7A5B1D-2735-46B7-A5A1-3033D1AE372C} [2012.03.11 15:30:41 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{826758CF-B849-4184-8A03-FE4567AD56B7} [2012.03.11 15:30:31 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6AF16FDB-29BB-4C9B-83F3-8BB9D0C991A9} [2012.03.11 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B410D666-1E26-4AEC-90D3-40AC20278DE3} [2012.03.11 12:33:35 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{FD5FDBFB-8387-4F43-992F-B34BECB4708D} [2012.03.11 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9707A2AC-27B6-4AD9-957F-D6B3AFB4AD93} [2012.03.10 23:10:39 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Roaming\redsn0w [2012.03.10 22:32:03 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{055799D1-8F10-4663-BE61-086694BB85CB} [2012.03.10 22:31:53 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A338F7AF-E4DC-4D4C-BDEC-16EFF9CFB2C7} [2012.03.10 14:56:51 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9FBAA3D1-B188-4A36-9792-790A9CCE4D19} [2012.03.10 14:56:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B769BC7D-4949-4E9C-AA29-4F2D3489F514} [2012.03.10 13:53:35 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{955A9A41-047A-46AB-93D1-D9A9AAFC57BA} [2012.03.10 13:53:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{408D75FF-8570-44BD-87AB-23EBB21CE450} [2012.03.10 13:21:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{60B20618-E9AF-49BB-93CB-C26D481FFEBE} [2012.03.10 13:19:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{FD91A048-8631-4B84-9E98-2186BA9496E7} [2012.03.10 00:26:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{585F654C-6DE3-453D-8319-F6E460F23EDC} [2012.03.10 00:25:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8D460E55-B14B-41F7-8184-62B6E66DFE37} [2012.03.09 21:34:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5F2F3CB4-1357-4B29-AD9A-63C9741849E3} [2012.03.09 21:34:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{006B79B9-80C5-4BFD-9CF8-AFAA20CD1998} [2012.03.09 19:54:23 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B3B6D496-FE64-4194-961A-FDC8072B1069} [2012.03.09 19:54:12 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{67977D08-B116-413F-ADCB-069AD2F80F2F} [2012.03.09 18:28:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{658DFD43-CB6C-4E57-9461-C0CEA4293660} [2012.03.09 17:29:48 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2AE63051-4AC4-4665-9F49-FDD1565FC9ED} [2012.03.09 17:29:38 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2425B6D0-FDED-42F0-AB92-8085B587D9A8} [2012.03.09 15:49:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{0C301EE8-9F9D-4270-A40B-72685C42C46D} [2012.03.09 15:49:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8FB8BDDF-0CED-4E9D-BEB0-59EC191FD7D0} [2012.03.09 13:29:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{361A45FE-2619-42C2-9B05-F4C23D09C9F0} [2012.03.09 13:29:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3075DB4A-E7BF-4F34-ACAA-A86BE2F907F1} [2012.03.09 11:27:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F01E3BCB-064A-42EF-B2FA-67C49261A9A9} [2012.03.09 11:27:14 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{59BB8BC1-C809-49E0-A813-27DB0543D2AA} [2012.03.08 22:41:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5D03A383-2A41-4E71-BFDC-1C6147159DCB} [2012.03.08 22:41:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F4C1A506-CF3A-4A9C-8B48-8F7977B70118} [2012.03.07 22:21:12 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B2217959-2C0B-4B16-9290-A4098E413807} [2012.03.07 22:21:02 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DBD40138-FFC3-4FC7-A123-83FE78C02D76} [2012.03.07 20:11:44 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{66F55738-DCA8-4837-8E14-82E371891141} [2012.03.07 20:11:34 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5015FEC8-8A26-4949-8189-856D92E189DA} [2012.03.07 14:16:51 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{43840F12-D221-42A9-8938-A5DC377237A0} [2012.03.07 14:16:40 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{EF8B529A-D2B1-485C-A3AD-CE97449B1505} [2012.03.07 09:54:24 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CC98474C-4446-4E0E-8F29-5030C40F570C} [2012.03.07 09:54:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F7DCDE61-45ED-404B-B7EB-0F4CE4C15878} [2012.03.06 22:42:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F9B62779-2201-4AE8-B889-913F5C4C44ED} [2012.03.06 22:42:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6DBDFD23-00E7-4F24-924F-3B54ACF7742F} [2012.03.06 19:26:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6124ED6A-AA5B-4045-BB13-843D0558D64C} [2012.03.06 19:26:46 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D7C3F597-2C5E-464C-9F07-B1446E23909B} [2012.03.06 17:52:28 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3DAF0DCC-2079-4F5F-81BD-05ABE98DE84C} [2012.03.06 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{AA720E05-908E-4DA2-971F-5FDDB8F7BD7C} [2012.03.06 12:19:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DC3AC109-CED5-4261-8750-619E4C392FF4} [2012.03.06 12:16:16 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D5C98796-0914-4DBA-B3E7-03C0030B6513} [2012.03.05 23:33:14 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6BF1776B-A456-4A7D-AB7A-0915507AF4F5} [2012.03.05 23:33:03 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E3C63B43-B1AA-49C4-B5EE-B8420740A462} [2012.03.05 15:45:02 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{00907C2D-249C-4506-AD46-57B143D457D3} [2012.03.05 15:43:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8A3EAF2B-CFA3-4CA5-91C0-157B67A1D793} [2012.03.04 21:54:34 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2E3E0541-325B-4B49-85C6-DE52D285BEC9} [2012.03.04 21:54:23 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A5AFC41C-89D6-443C-A023-AB2D1F0C209C} [2012.03.04 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B9C80A3B-6930-423D-A129-F849B120AA61} [2012.03.04 14:32:21 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{4ED2FDBA-5A26-4804-A128-85510CBA05CF} [2012.03.04 11:31:32 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E6B699B0-EA3F-4684-B063-FAB645C87807} [2012.03.04 11:31:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C7D75548-94C6-40AA-A72A-A61ADB5ADE6A} [2012.03.04 10:08:52 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{65598CCE-F7A1-41F6-B24F-7DE3220F16E3} [2012.03.04 10:08:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CACCB43A-814A-4A9C-AB2E-7A59F4B1EA5E} [2012.03.03 22:44:28 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E6AA4074-98FF-4026-99D6-B3609DD9E1E6} [2012.03.03 22:44:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DFBC4B36-14D7-4331-8C8A-1FD000143829} [2012.03.03 19:02:18 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C8ADE886-7E1C-4FF8-B07C-2A7B591DE5C5} [2012.03.03 19:02:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{74633602-30D6-47F9-B4C7-ADFB4B019ADC} [2012.03.03 16:24:54 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CE7CD549-5DBF-4EAF-9232-4AC0E890FB9D} [2012.03.03 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{33BA0B4E-7D69-40A1-8FD2-FDC487732617} [2012.03.03 12:36:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{31A3C579-9921-47D8-B325-73AAB7337941} [2012.03.03 12:36:16 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{97913755-019A-4C41-ACC6-3EAD1BDCAC4F} [2012.03.03 11:57:29 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B0265718-77A0-4335-BE19-62009CC937BB} [2012.03.03 11:56:54 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D1173D6E-11FD-4ADF-877B-B65E1230A3D4} [2012.03.02 22:03:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{D005EED8-3B1F-4769-8368-1EF01ADB8657} [2012.03.02 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{0F590268-26D2-4A62-8E04-F6B85D792932} [2012.03.02 20:51:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7F228242-F2DF-4D68-88C3-35BFA39E1290} [2012.03.02 20:51:26 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{15FC36FC-24ED-4A95-AF11-3BC0A056A7BA} [2012.03.02 17:16:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{84591F5E-3F1E-4847-9926-BD67E1394BF1} [2012.03.02 17:16:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{329DA275-AFAF-4135-959B-D00921E22797} [2012.03.02 14:32:20 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{24C22511-2ABE-4A58-AB2A-4D49ADC4E65D} [2012.03.02 14:32:10 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E2CFAD03-40D9-430F-823A-F15E46ABA315} [2012.03.02 12:21:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7BF39C22-052A-448F-86EF-3EE542763249} [2012.03.02 12:21:01 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{EAA237CE-7576-43F2-9E29-00DFDB693DEC} [2012.03.01 21:42:44 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CA644D5A-C6CB-4422-89E8-FE738739AF4A} [2012.03.01 21:42:34 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6B8584CE-CA73-4F99-AA00-A08342994F92} [2012.03.01 20:50:43 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{620936FE-3A7A-4E00-A7E6-3509F1296335} [2012.03.01 20:50:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B59886D7-DA7C-4877-8C91-BF950D844025} [2012.02.29 23:53:19 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{FC4AC293-814A-418F-A138-120550079886} [2012.02.29 23:53:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{63B2B5D6-A7E6-4F8B-B88C-E42934CDF4A7} [2012.02.29 20:39:08 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C20A2149-D312-4F3A-BBB3-5BC3316B8270} [2012.02.29 20:38:58 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{06AE9168-2150-4BC0-B207-1CD121649204} [2012.02.29 19:07:23 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F544A85E-E99E-466C-B40E-DB54B6DB3FC3} [2012.02.29 19:07:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2F64CEE5-93B0-4906-90E8-CBBB747AE58A} [2012.02.29 16:36:46 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8EB00C00-CB54-43F4-944D-F7E981F57065} [2012.02.29 16:36:35 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{41DDC08B-A83B-4476-81E9-8A36477A2972} [2012.02.29 15:32:53 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A8D4657F-5607-43B1-ADF0-AB68FF05AE67} [2012.02.29 15:32:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{6BF70E79-F843-4E00-A945-A529CD64B45D} [2012.02.29 08:09:11 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2657D1CB-0F11-4306-88EB-7591C7942F4C} [2012.02.29 08:09:00 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A5781F9C-E5CD-4064-8C9E-5D49C3A854E7} [2012.02.28 21:30:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{72AB78A4-DA5C-461F-9266-0C7DE91B040C} [2012.02.28 21:30:32 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CA415491-19F4-41A9-B478-9B3BDC584758} [2012.02.28 15:33:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{AF270098-276D-4DDA-B71F-2393B37CF191} [2012.02.28 15:33:14 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{E2959102-069A-414D-8316-DBA15B438E00} [2012.02.28 13:50:38 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{8055D912-2DB0-4131-83B5-758A89EBF5D8} [2012.02.28 13:50:28 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7B0191D4-932A-45E0-89B2-CB23C755CE3F} [2012.02.27 22:52:09 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F9BE79AE-CFDB-401A-89F6-E61E09AE70CB} [2012.02.27 22:51:57 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{662061DC-1EF3-46E8-88BA-C0F90AED81CC} [2012.02.27 21:08:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{00F98DD6-6485-48D0-A6C9-9508EEF346FB} [2012.02.27 21:08:26 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C6A0957E-3087-4EE9-9354-20377604B50B} [2012.02.27 20:31:00 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{83B93A38-3080-4A01-B877-2C0A5A6C4E17} [2012.02.27 20:30:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F74C207C-5F33-434B-B608-7BCE8E10DF94} [2012.02.27 19:40:16 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2E728EC7-1396-4FB9-A9DC-9CD59C8867F7} [2012.02.27 19:40:06 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B1FE9501-7D32-4593-8630-CBB5BC090D15} [2012.02.27 18:38:25 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{46734292-4D6F-413F-9E90-A70CF0C9D4AE} [2012.02.27 18:38:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F3A99406-F34A-4276-8EF4-4D4DBF0265B3} [2012.02.27 17:02:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{27F6B5E4-5403-43BC-BB7F-F241DE02444A} [2012.02.27 17:02:12 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{97000A3B-69A5-4D6E-9BB1-E953A7D44A25} [2012.02.27 14:46:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{FA0F9D8F-7B96-46EA-A492-879EED2572E0} [2012.02.27 14:46:06 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{7DD8525C-1E4C-4328-B527-1879F18598FF} [2012.02.27 13:50:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{BD2C0E78-36DF-44F1-9DD3-D98EA4720989} [2012.02.27 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CE123F43-E2FC-418C-B476-2C368D4992F6} [2012.02.26 22:13:47 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B48BEDF4-D625-4E4D-8A78-21CC63D4D90B} [2012.02.26 22:13:37 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{16A7BC99-7692-4D4C-9854-A1DD58F3F22C} [2012.02.26 20:32:36 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{BC5C7B3B-402A-4319-8CF9-75D2BFCC247C} [2012.02.26 20:32:26 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{729E4F5B-0526-4D10-9735-E97C804E4EA5} [2012.02.26 17:00:15 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{EC6BBF1E-2669-4B56-A5CA-D55163BC1976} [2012.02.26 17:00:05 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{F04848C1-48ED-4C81-AD25-AF8F056A9D18} [2012.02.26 13:33:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3E7F9D9B-B763-4C1C-9960-77C3C7CC0E3E} [2012.02.26 13:33:07 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A66B4A99-9FCB-41DC-9942-964E672C433C} [2012.02.25 19:13:27 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{90B6557F-3A8E-4AF5-A30C-0173AB855E61} [2012.02.25 19:13:17 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{142A836C-B148-4A2C-9FA0-157F4AA82083} [2012.02.25 14:49:00 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{5ECA9711-46A7-4FA4-AAEB-0AF1AB3A35F8} [2012.02.25 14:48:50 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{12E58523-DBA0-4400-A072-2B9623BFF74E} [2012.02.25 14:30:55 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{79905EF0-7268-4ACA-B2BB-25EFA55659FB} [2012.02.25 14:30:45 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{B645375B-9C53-4D70-95BF-2AA33A167759} [2012.02.25 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{908E82BF-657E-4EFE-9F5C-B89ABAF23F58} [2012.02.25 11:28:59 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{99D66F6D-83B1-427B-B6F8-B1EF29F9DF3F} [2012.02.25 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{DDD469E6-296B-45A7-B532-AB45A92D5EF6} [2012.02.25 10:05:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CB04ED68-23BA-4112-8158-300137DC02D3} [2012.02.25 08:50:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{CB2FEC44-FFB1-4968-A41B-A1C00CC3A1B8} [2012.02.25 08:50:30 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{2E0CCD8E-C3EA-42F5-8077-A218634CBB75} [2012.02.24 20:07:48 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{C6EDD027-3D8D-4696-B25A-8BEEB249CC95} [2012.02.24 20:07:38 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{31AC2FA4-E323-48F8-9EDF-6E83191FBB59} [2012.02.24 17:48:53 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{48E76D42-83FC-4D33-B807-C83F65802986} [2012.02.24 17:48:42 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3B93B047-5AB6-4B28-9A6B-8EEC1364D802} [2012.02.24 16:24:13 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{9804B723-0F2C-452C-A9BB-CE2275D4702F} [2012.02.24 16:24:03 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{3FAE1962-85AD-49D8-9871-49DA1BF69638} [2012.02.24 14:36:44 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{4D2F70DD-644A-441F-A94C-000DC599D3E2} [2012.02.24 14:36:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{16D1D4F7-6CCC-410E-9FA0-D7D5FD50ACA1} [2012.02.24 12:51:33 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{A2396399-E148-499E-B84F-4C7FC90EEEFE} [2012.02.24 12:51:22 | 000,000,000 | ---D | C] -- C:\Users\Bingöl\AppData\Local\{802A65E7-0D86-4A0D-BD31-706F1EBFF5E3} [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.03.24 22:52:33 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.03.24 22:25:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.03.24 22:25:39 | 1888,518,143 | -HS- | M] () -- C:\hiberfil.sys [2012.03.24 22:21:43 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.03.24 22:19:48 | 000,140,288 | ---- | M] () -- C:\Users\Bingöl\AppData\Roaming\0.6234948104388318.exe [2012.03.24 21:59:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.03.24 21:59:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.03.24 20:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.03.24 19:54:02 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3847288296-3488930947-2008851295-1002UA.job [2012.03.23 20:30:55 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.03.23 20:30:55 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.03.23 20:30:55 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.03.23 20:30:55 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.03.23 20:30:55 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.03.23 15:28:28 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2012.03.22 22:54:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3847288296-3488930947-2008851295-1002Core.job [2012.03.15 23:46:32 | 000,073,773 | ---- | M] () -- C:\Users\Bingöl\Desktop\225527_119779984770782_100002163438400_162368_6580714_n.jpg [2012.03.15 23:24:41 | 000,045,538 | ---- | M] () -- C:\Users\Bingöl\Desktop\263634_135456873203093_100002163438400_246110_183816_n.jpg [2012.03.14 16:28:02 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.03.11 17:33:08 | 000,006,175 | ---- | M] () -- C:\Users\Bingöl\Desktop\Integration.odt [2012.03.01 21:20:52 | 000,006,542 | ---- | M] () -- C:\Users\Bingöl\Desktop\Gemischte Integrationserfolge in Europas Zuwanderungsland Nummer 1.odt [2012.03.01 17:05:47 | 000,001,183 | ---- | M] () -- C:\Users\Bingöl\Documents\Integration.rtf [2012.02.29 15:39:22 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.03.24 22:19:51 | 000,140,288 | ---- | C] () -- C:\Users\Bingöl\AppData\Roaming\0.6234948104388318.exe [2012.03.23 15:28:28 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2012.03.21 22:49:43 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3847288296-3488930947-2008851295-1002UA.job [2012.03.21 22:49:42 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3847288296-3488930947-2008851295-1002Core.job [2012.03.15 23:46:32 | 000,073,773 | ---- | C] () -- C:\Users\Bingöl\Desktop\225527_119779984770782_100002163438400_162368_6580714_n.jpg [2012.03.15 23:24:41 | 000,045,538 | ---- | C] () -- C:\Users\Bingöl\Desktop\263634_135456873203093_100002163438400_246110_183816_n.jpg [2012.03.01 21:20:51 | 000,006,542 | ---- | C] () -- C:\Users\Bingöl\Desktop\Gemischte Integrationserfolge in Europas Zuwanderungsland Nummer 1.odt [2012.03.01 21:01:02 | 000,006,175 | ---- | C] () -- C:\Users\Bingöl\Desktop\Integration.odt [2012.03.01 17:05:47 | 000,001,183 | ---- | C] () -- C:\Users\Bingöl\Documents\Integration.rtf [2012.02.29 15:39:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012.02.17 01:08:32 | 000,000,700 | ---- | C] () -- C:\Windows\wininit.ini [2011.09.11 19:46:01 | 001,527,692 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.18 15:53:39 | 000,006,656 | ---- | C] () -- C:\Users\Bingöl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.29 17:57:55 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2011.05.24 15:52:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.03.13 18:24:07 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2011.03.13 18:24:07 | 000,193,400 | ---- | C] () -- C:\Windows\flicker.dll [2011.03.13 18:24:07 | 000,066,424 | ---- | C] () -- C:\Windows\setpwlin.exe [2011.03.13 18:24:07 | 000,059,992 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe [2011.03.13 18:24:07 | 000,000,673 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2011.03.13 18:24:07 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2010.11.17 14:30:01 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.11.17 13:56:27 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll [2010.11.17 13:55:51 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe [2010.11.17 13:48:15 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.11.17 13:48:15 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.11.17 13:48:15 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.11.17 13:48:14 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.11.17 13:48:11 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin ========== Alternate Data Streams ========== @Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:93EB7685 @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E36F5B57 @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1F04E8D @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0 @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:798A3728 @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E3C56885 @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:4D066AD2 < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 24.03.2012 22:49:56 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bingöl\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,68 Gb Total Physical Memory | 6,75 Gb Available Physical Memory | 87,94% Memory free
15,36 Gb Paging File | 14,47 Gb Available in Paging File | 94,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,54 Gb Total Space | 609,61 Gb Free Space | 89,05% Space Free | Partition Type: NTFS
Drive E: | 7,50 Gb Total Space | 1,54 Gb Free Space | 20,52% Space Free | Partition Type: FAT32
Computer Name: BINGÖL-PC | User Name: Bingöl | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"FileZilla Client" = FileZilla Client 3.5.3
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.11.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Revo Uninstaller" = Revo Uninstaller 1.93
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.11.2011 11:36:47 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:47 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:48:01 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0xa4 Startzeit der fehlerhaften Anwendung: 0x01cca79bc6c6143a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
0687d358-138f-11e1-88e2-1c7508dc99e2
Error - 20.11.2011 16:55:28 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0xb70 Startzeit der fehlerhaften Anwendung: 0x01cca7c6ba6fbc4a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
f9b5b3d9-13b9-11e1-9b4d-1c7508dc99e2
Error - 20.11.2011 17:41:52 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 5.0.3005.0,
Zeitstempel: 0x4c11ccf9 Name des fehlerhaften Moduls: ePowerTray.exe, Version: 5.0.3005.0,
Zeitstempel: 0x4c11ccf9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000001e99
ID
des fehlerhaften Prozesses: 0xe14 Startzeit der fehlerhaften Anwendung: 0x01cca7cd2bceb3f9
Pfad
der fehlerhaften Anwendung: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Berichtskennung:
7511316e-13c0-11e1-b74d-1c7508dc99e2
Error - 20.11.2011 17:44:01 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0x9dc Startzeit der fehlerhaften Anwendung: 0x01cca7cd824dfdd3 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
c21450ed-13c0-11e1-b74d-1c7508dc99e2
Error - 21.11.2011 07:56:08 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0x2b8 Startzeit der fehlerhaften Anwendung: 0x01cca8448c08d522 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
cbce264a-1437-11e1-bf0d-1c7508dc99e2
[ Media Center Events ]
Error - 20.08.2011 18:04:25 | Computer Name = Bingöl-PC | Source = MCUpdate | ID = 0
Description = 00:04:25 - Fehler beim Herstellen der Internetverbindung. 00:04:25
- Serververbindung konnte nicht hergestellt werden..
Error - 21.08.2011 07:18:59 | Computer Name = Bingöl-PC | Source = MCUpdate | ID = 0
Description = 13:18:59 - Fehler beim Herstellen der Internetverbindung. 13:18:59
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 24.03.2012 17:40:37 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
|
24.03.2012, 23:09
| #2 |
| | Bundespolizei Virus 100€ OTL EXTRAS Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 24.03.2012 22:49:56 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Bingöl\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,68 Gb Total Physical Memory | 6,75 Gb Available Physical Memory | 87,94% Memory free
15,36 Gb Paging File | 14,47 Gb Available in Paging File | 94,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684,54 Gb Total Space | 609,61 Gb Free Space | 89,05% Space Free | Partition Type: NTFS
Drive E: | 7,50 Gb Total Space | 1,54 Gb Free Space | 20,52% Space Free | Partition Type: FAT32
Computer Name: BINGÖL-PC | User Name: Bingöl | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.6.5_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"FileZilla Client" = FileZilla Client 3.5.3
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.11.923
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Revo Uninstaller" = Revo Uninstaller 1.93
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20.11.2011 11:36:47 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:47 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:36:50 | Computer Name = Bingöl-PC | Source = Bonjour Service | ID = 100
Description =
Error - 20.11.2011 11:48:01 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0xa4 Startzeit der fehlerhaften Anwendung: 0x01cca79bc6c6143a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
0687d358-138f-11e1-88e2-1c7508dc99e2
Error - 20.11.2011 16:55:28 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0xb70 Startzeit der fehlerhaften Anwendung: 0x01cca7c6ba6fbc4a Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
f9b5b3d9-13b9-11e1-9b4d-1c7508dc99e2
Error - 20.11.2011 17:41:52 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 5.0.3005.0,
Zeitstempel: 0x4c11ccf9 Name des fehlerhaften Moduls: ePowerTray.exe, Version: 5.0.3005.0,
Zeitstempel: 0x4c11ccf9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000001e99
ID
des fehlerhaften Prozesses: 0xe14 Startzeit der fehlerhaften Anwendung: 0x01cca7cd2bceb3f9
Pfad
der fehlerhaften Anwendung: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Berichtskennung:
7511316e-13c0-11e1-b74d-1c7508dc99e2
Error - 20.11.2011 17:44:01 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0x9dc Startzeit der fehlerhaften Anwendung: 0x01cca7cd824dfdd3 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
c21450ed-13c0-11e1-b74d-1c7508dc99e2
Error - 21.11.2011 07:56:08 | Computer Name = Bingöl-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Name des fehlerhaften Moduls: daemonu.exe, Version: 2.0.2.414,
Zeitstempel: 0x4cc8d997 Ausnahmecode: 0xc000000d Fehleroffset: 0x00047f51 ID des fehlerhaften
Prozesses: 0x2b8 Startzeit der fehlerhaften Anwendung: 0x01cca8448c08d522 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
Berichtskennung:
cbce264a-1437-11e1-bf0d-1c7508dc99e2
[ Media Center Events ]
Error - 20.08.2011 18:04:25 | Computer Name = Bingöl-PC | Source = MCUpdate | ID = 0
Description = 00:04:25 - Fehler beim Herstellen der Internetverbindung. 00:04:25
- Serververbindung konnte nicht hergestellt werden..
Error - 21.08.2011 07:18:59 | Computer Name = Bingöl-PC | Source = MCUpdate | ID = 0
Description = 13:18:59 - Fehler beim Herstellen der Internetverbindung. 13:18:59
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 24.03.2012 17:40:37 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:42:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:47:45 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 24.03.2012 17:49:51 | Computer Name = Bingöl-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
|
25.03.2012, 18:50
| #3 |
| /// Malware-holic   | Bundespolizei Virus 100€ hi
__________________dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - HKCU..\Run: [Update] C:\Users\Bingöl\AppData\Roaming\0.6234948104388318.exe ()
:Files
C:\Users\Bingöl\AppData\Roaming\0.6234948104388318.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
__________________ |
|
| Themen zu Bundespolizei Virus 100€ |
| alternate, bundespolizei, bundespolizei virus, install.exe, launch, limited.com/facebook, locker, microsoft office starter 2010, mywinlocker, nvpciflt.sys, plug-in, pmmupdate.exe, revo uninstaller, searchscopes, troja, trojaner, usb 2.0, version=1.0, virus, windows 7 64bit home |
Linear-Darstellung
