Wie werde ich MyStart by Incredibar los?

Darling17 · 05.07.2012, 20:38

Guten Tag, liebe Helfer,

ich habe bei einem Download einer Pdf-creator Freeware die Mystart.incredibar mit auf meinen Computer gezogen.

Ich bin ein ganz einfacher User, hab mich jetzt mal durch die Anleitungen hier gekämpft und hoffe, ich habe genug richtig gemacht, damit mir hier überhaupt jemand helfen kann?

Vielen Dank im Voraus!

1. Malwarebytes Anti-Malware 1.61.0.1400 erstmalig benutzt:
www.malwarebytes.org

Datenbank Version: v2012.07.05.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Engel :: ENGEL-PC [Administrator]

05.07.2012 13:47:23
mbam-log-2012-07-05 (12-42-42).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 334958
Laufzeit: 1 Stunde(n), 10 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Engel\Desktop\Alte Daten\Engel\Eigene Dateien\Lustig\lustig\AKTIV\alkomat.exe (Trojan.Agent) -> Keine Aktion durchgeführt.
C:\Users\Engel\Desktop\ARAG\Persönliches\PPT\XXX\AKTIV\Monsucks.exe (JokeApp.NotFunny) -> Keine Aktion durchgeführt.
C:\Users\Engel\Desktop\Bildbearbeitung\alien_skin_eye_candy_6.1.0_6.5.8_for_photoshop\Alien Skin Eye Candy 6.1.0 (6.5.8) for Photoshop\Core\CORE10k.EXE (Dont.Steal.Our.Software) -> Keine Aktion durchgeführt.

(Ende)

dieses Programm habe ich heute noch 2mal laufen lassen:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Engel :: ENGEL-PC [Administrator]

05.07.2012 20:01:15
mbam-log-2012-07-05 (20-01-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 193261
Laufzeit: 3 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.02

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Engel :: ENGEL-PC [Administrator]

05.07.2012 20:17:08
mbam-log-2012-07-05 (20-17-08).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 193158
Laufzeit: 2 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

2. habe ich Defogger heruntergeladen und nach der Anleitung ausgeführt - ohne Fehlermeldung etc.

3. OTL ausgeführt:

OTL logfile created on: 7/5/2012 9:11:59 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Engel\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.25 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 58.54% Memory free
6.50 Gb Paging File | 5.00 Gb Available in Paging File | 76.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1366.16 Gb Total Space | 1249.57 Gb Free Space | 91.47% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 12.91 Gb Free Space | 43.02% Space Free | Partition Type: NTFS
Drive E: | 702.83 Mb Total Space | 511.38 Mb Free Space | 72.76% Space Free | Partition Type: UDF

Computer Name: ENGEL-PC | User Name: Engel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/05 20:57:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Engel\Desktop\OTL.exe
PRC - [2012/07/03 11:17:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/07/03 11:17:52 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/03 11:17:52 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/07/03 11:17:52 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/06/06 09:14:32 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/28 23:35:52 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/07/28 23:35:24 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/07/16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/09/15 11:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
PRC - [2009/12/03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

========== Modules (No Company Name) ==========

MOD - [2012/07/05 13:26:42 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll
MOD - [2012/07/05 12:29:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll
MOD - [2012/07/05 12:29:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/07/05 12:29:08 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\5e398c245811fe932ce6bcf68664e307\UIAutomationTypes.ni.dll
MOD - [2012/07/05 12:29:08 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\68b5806af0df6ce86027bacb7dc37233\UIAutomationProvider.ni.dll
MOD - [2012/07/05 12:29:08 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\34f340b0c113f7216a55dd7c82a69cc2\Accessibility.ni.dll
MOD - [2012/07/05 12:28:59 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/07/05 12:28:54 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b5b9223f5e18a1089a4fe3a896909d9d\System.Xml.ni.dll
MOD - [2012/07/05 12:28:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/07/05 12:28:49 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/07/05 12:28:44 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012/04/24 00:37:48 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/04/06 02:49:40 | 005,279,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2012/04/06 02:49:39 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2012/03/22 00:29:45 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011/12/26 21:13:18 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2011/07/28 17:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/04/26 04:38:49 | 000,327,224 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\ppGoogleNaClPluginChrome.dll
MOD - [2011/04/26 04:38:48 | 004,125,752 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\pdf.dll
MOD - [2011/04/26 04:37:20 | 000,102,472 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\avutil-50.dll
MOD - [2011/04/26 04:37:19 | 000,194,632 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\avformat-52.dll
MOD - [2011/04/26 04:37:18 | 001,823,304 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\avcodec-52.dll
MOD - [2011/04/26 01:33:23 | 006,111,904 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\gcswf32.dll
MOD - [2011/04/26 01:33:23 | 006,111,904 | ---- | M] () -- C:\Users\Engel\AppData\Local\Google\Chrome\APPLIC~1\110696~1.57\gcswf32.dll
MOD - [2010/05/26 08:44:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/06/10 23:23:18 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
MOD - [2009/06/10 23:22:50 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/06/10 23:14:47 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll

========== Win32 Services (SafeList) ==========

SRV - [2012/07/03 12:08:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 11:17:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/07/03 11:17:52 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/06/06 09:14:32 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/07/28 23:35:24 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2012/07/03 11:17:53 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/07/03 11:17:53 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/09/16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/29 00:22:04 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/07/28 22:53:46 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/03/09 12:21:26 | 000,107,024 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009/10/08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/09/22 15:34:44 | 000,579,072 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/07 23:48:14 | 000,011,832 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2009/06/05 12:53:42 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/05/05 11:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb139?a=6OyGO3nsVz&i=26
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{C655DFE5-7EC2-41C9-A4F1-00918046C4C0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6OyGO3nsVz&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/07/03 11:50:59 | 000,000,000 | ---D | M]

[2012/07/03 11:51:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Engel\AppData\Local\Google\Chrome\Application\11.0.696.57\gears.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Web Assistant = C:\Users\Engel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.455_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\Engel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EPSON BX305 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE (SEIKO EPSON CORPORATION)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4F9B2D6-67D9-4DA0-9FC0-7347FF03046B}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8da6989c-a565-11e0-953e-40618699fab4}\Shell - "" = AutoRun
O33 - MountPoints2\{8da6989c-a565-11e0-953e-40618699fab4}\Shell\AutoRun\command - "" = I:\WIN\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/05 20:57:32 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Engel\Desktop\OTL.exe
[2012/07/05 12:42:00 | 000,000,000 | ---D | C] -- C:\Users\Engel\AppData\Roaming\Malwarebytes
[2012/07/05 12:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/05 12:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/05 12:41:51 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/07/05 12:41:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/07/05 12:41:18 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Engel\Desktop\mbam-setup-1.61.0.1400.exe
[2012/07/03 12:00:38 | 000,000,000 | ---D | C] -- C:\Users\Engel\AppData\Roaming\Downloaded Installations
[2012/07/03 11:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/07/03 11:51:19 | 000,000,000 | ---D | C] -- C:\Users\Engel\AppData\Roaming\pdfforge
[2012/07/03 11:51:16 | 000,081,408 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[2012/07/03 11:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
[2012/07/03 11:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012/07/03 11:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012/07/03 11:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/07/03 11:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com
[2012/07/03 11:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/07/03 11:50:35 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/05 21:10:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/05 21:10:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/05 21:08:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/05 20:57:35 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Engel\Desktop\OTL.exe
[2012/07/05 20:54:56 | 000,000,000 | ---- | M] () -- C:\Users\Engel\defogger_reenable
[2012/07/05 20:30:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/05 20:07:41 | 000,050,477 | ---- | M] () -- C:\Users\Engel\Desktop\Defogger.exe
[2012/07/05 13:43:18 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/05 13:42:21 | 000,266,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/05 13:42:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/05 13:41:23 | 2615,910,400 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/05 12:41:54 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/05 12:41:33 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Engel\Desktop\mbam-setup-1.61.0.1400.exe
[2012/07/04 13:29:19 | 000,654,372 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/07/04 13:29:19 | 000,616,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/04 13:29:19 | 000,129,986 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/07/04 13:29:19 | 000,106,376 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/03 11:51:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012/07/03 11:51:20 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012/07/03 11:51:05 | 000,000,454 | ---- | M] () -- C:\user.js
[2012/07/03 11:17:53 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/07/03 11:17:53 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/06/15 06:51:42 | 000,081,408 | ---- | M] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/05 20:54:56 | 000,000,000 | ---- | C] () -- C:\Users\Engel\defogger_reenable
[2012/07/05 20:07:40 | 000,050,477 | ---- | C] () -- C:\Users\Engel\Desktop\Defogger.exe
[2012/07/05 12:41:54 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/07/03 11:51:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012/07/03 11:51:20 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012/07/03 11:51:04 | 000,000,454 | ---- | C] () -- C:\user.js
[2011/12/05 21:24:22 | 000,000,000 | ---- | C] () -- C:\Users\Engel\AppData\Local\{49B64BE5-C5EA-4629-8297-1C2E5063B92A}
[2011/10/02 23:14:35 | 000,003,584 | ---- | C] () -- C:\Users\Engel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/03 17:54:40 | 000,133,798 | ---- | C] () -- C:\Users\Engel\boardingpass[1].pdf
[2011/07/28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/06/27 20:53:02 | 000,234,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/06/13 11:35:37 | 000,173,697 | ---- | C] () -- C:\Users\Engel\LH_WEBCKI.DE.PORTAL.JgJL9jI466PfMjBxOMRlR5.pdf
[2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/01/02 19:09:56 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011/01/02 19:09:56 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/12/27 10:34:38 | 000,000,695 | ---- | C] () -- C:\Windows\wiso.ini
[2010/09/23 09:22:47 | 000,000,017 | ---- | C] () -- C:\Windows\System32\shortcut_ex.dat

========== LOP Check ==========

[2010/12/27 10:33:43 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\Buhl Data Service
[2011/10/09 01:09:07 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\Canon
[2012/07/03 12:00:38 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\Downloaded Installations
[2010/12/29 19:48:32 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\EleFun Games
[2011/11/27 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\Epson
[2010/12/25 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\FunkyPython
[2011/01/02 16:46:10 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\Lexware
[2012/07/03 11:51:19 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\pdfforge
[2012/07/03 12:33:35 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\SoftGrid Client
[2010/07/29 16:46:31 | 000,000,000 | ---D | M] -- C:\Users\Engel\AppData\Roaming\TP
[2012/04/14 19:08:31 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:423BBE9A

< End of report >

OTL Extras logfile created on: 7/5/2012 9:11:59 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Engel\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.25 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 58.54% Memory free
6.50 Gb Paging File | 5.00 Gb Available in Paging File | 76.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1366.16 Gb Total Space | 1249.57 Gb Free Space | 91.47% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 12.91 Gb Free Space | 43.02% Space Free | Partition Type: NTFS
Drive E: | 702.83 Mb Total Space | 511.38 Mb Free Space | 72.76% Space Free | Partition Type: UDF

Computer Name: ENGEL-PC | User Name: Engel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C09150-43B4-4F27-81AD-FE71CE8EE069}" = lport=445 | protocol=6 | dir=in | app=system |
"{0C4AE7B8-9872-4755-B429-D5A52D191606}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0F1C4D87-4F82-4631-8186-F4D6B5DE2743}" = lport=139 | protocol=6 | dir=in | app=system |
"{14F1D92C-4281-4917-A7CC-D5D090D11A25}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BA2A5E9-0CCA-4F8B-A5AA-4EBA2C0AB218}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24EA0695-E350-463C-88E6-2EF4309F5DCC}" = rport=138 | protocol=17 | dir=out | app=system |
"{2925FA0B-6096-4364-9FD7-EC7A823550CA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F589F8F-32F5-4596-A836-805137CFF05D}" = rport=139 | protocol=6 | dir=out | app=system |
"{3E2F5FDF-87F9-45E2-B3F3-DA238273C445}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{473AC6ED-F0A1-43FA-A2AF-096605CBE8CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{48E4A7CB-FB48-4B35-9B06-B429EC631D90}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4E6A0035-0974-4002-A275-FDC4DE0B5C35}" = rport=137 | protocol=17 | dir=out | app=system |
"{5E5666D1-ECAE-47F4-8B2C-1848FB7E3270}" = lport=10243 | protocol=6 | dir=in | app=system |
"{63D7799D-4FCC-4410-9B7E-783FA8367499}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7AF48104-DD72-435C-A88A-80508C7481BA}" = lport=138 | protocol=17 | dir=in | app=system |
"{7B476BFD-1F47-4BC5-A5CE-0A6F8102A2DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{85DD85EB-6FF1-41DF-98B9-DEFFD0F8A49A}" = lport=137 | protocol=17 | dir=in | app=system |
"{A589226C-77ED-4B1A-B297-C4FFB4213CF1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C388F52C-DB1F-4FB0-B22D-49087CB076E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8B23E9F-DB3B-4721-93F5-F2B6E514EE2F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D027E2F4-610B-4FD9-8F53-F22119F90B70}" = rport=445 | protocol=6 | dir=out | app=system |
"{D10D3690-4CA5-47B8-A45B-C5DFC3ED283F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA889459-595E-4A56-A023-C2E4C168D927}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F771F68-E755-476E-8540-5CE2F0112729}" = protocol=6 | dir=out | app=system |
"{129B2251-5515-4BEF-8BEE-8427F89E2CF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1BB8BE9D-CB09-4D06-90E2-0672A8E53782}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25257A0D-4106-416E-8466-254902F4DAF0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3E94C86E-3A74-47EC-A94F-82BEF3E6ED05}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5517EA0D-333C-46FE-A6AF-5A69F72FB8A8}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{56CD1F71-5797-478E-BC97-9242C0130695}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{57235E70-CD10-4F73-B11C-610B243C85CA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59F8A820-0D69-49A6-B63A-3D6DFD38CC93}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5EA059E9-8500-4358-A7F2-02AA19140D13}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7DD38922-899D-47B3-82F4-A3E5836C96B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A125141D-E5E1-4748-A099-02BB19DB5D21}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7DDFCDC-54EE-401B-994B-551C275512A3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BA1806A2-9D25-454E-A447-3B616783A741}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BEA6EA0A-442C-44E9-A6AC-A7F260A4960D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BF24996A-6F95-4786-AFDF-80D3EC5D2ED2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA6CF4FB-71ED-428F-83BF-6F41A5602942}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9D295E1-E184-4F6E-816E-EBFDF78F1575}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DFA2D161-9FFB-427D-985C-A8E98B9B28EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1209E3DA-1C33-4095-B072-DC8ED1438692}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{93D435DF-D6FC-4F04-8CF2-C5B40E469DE1}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{13B400D8-9976-4D77-A4C8-2C07023CF2FB}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{8F80F1CE-EC6C-4620-8EE7-07889B2E1850}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{106EA11E-D041-127E-8B43-6CD8C4F2F314}" = Catalyst Control Center Graphics Previews Common
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.455
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Steuer 2010
"{4B526075-AF27-47A2-860D-3DA92928A051}" = Steuer 2010
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{4FBA8A80-0BB2-4A53-0EBD-F01763803252}" = AMD VISION Engine Control Center
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{6B36CDF8-8374-974C-2344-14AB0BEC46AD}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}" = Mysteryville 2
"{7B19844A-AE1B-314B-1660-4A07730E1C75}" = AMD Media Foundation Decoders
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}" = Moorfrosch XXL
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B547567F-6BD1-3E76-E945-9DA067EF5AAA}" = AMD Catalyst Install Manager
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDC5FC8C-54F6-AD16-12DC-8B02B738665C}" = Catalyst Control Center InstallProxy
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D38F781D-C6D6-3CD4-BEB8-B11D87B53A7F}" = AMD Drag and Drop Transcoding
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C31565-901E-5BEF-0E3C-219281682254}" = AMD Fuel
"{F4939EB9-ED2E-2713-E888-F134FC7FE77C}" = ccc-utility
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Butterfly Magic" = Butterfly Magic
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"CCleaner" = CCleaner
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"EPSON BX305 Series" = EPSON BX305 Series Printer Uninstall
"EPSON BX305 Series Manual" = EPSON BX305 Series Handbuch
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FunkyPython" = FunkyPython
"HPR_Vermittler-Protokoll" = Vermittler-Protokoll
"HyperBalloidCE" = HyperBalloidCE
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"Pearl Poppers" = Pearl Poppers
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.7
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"S2TNG" = Die Siedler II - Die nächste Generation
"S3" = Die Siedler III Gold Edition
"S4Uninst" = Die Siedler IV
"The Great Mahjongg" = The Great Mahjongg
"WFTK" = Canon Utilities WFT Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

Error - 7/4/2012 7:31:56 AM | Computer Name = Engel-PC | Source = .NET Runtime | ID = 1023
Description =

[ Media Center Events ]
Error - 2/22/2011 4:42:43 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 09:42:43 - Fehler beim Herstellen der Internetverbindung. 09:42:43
- Serververbindung konnte nicht hergestellt werden..

Error - 2/22/2011 4:43:18 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 09:43:12 - Fehler beim Herstellen der Internetverbindung. 09:43:12
- Serververbindung konnte nicht hergestellt werden..

Error - 7/29/2011 10:11:22 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 16:11:22 - Fehler beim Herstellen der Internetverbindung. 16:11:22
- Serververbindung konnte nicht hergestellt werden..

Error - 7/29/2011 10:11:39 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 16:11:29 - Fehler beim Herstellen der Internetverbindung. 16:11:29
- Serververbindung konnte nicht hergestellt werden..

Error - 10/26/2011 6:15:06 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 12:15:06 - Fehler beim Herstellen der Internetverbindung. 12:15:06
- Serververbindung konnte nicht hergestellt werden..

Error - 11/18/2011 4:52:06 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 09:52:06 - Fehler beim Herstellen der Internetverbindung. 09:52:06
- Serververbindung konnte nicht hergestellt werden..

Error - 11/18/2011 5:52:23 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 10:52:23 - Fehler beim Herstellen der Internetverbindung. 10:52:23
- Serververbindung konnte nicht hergestellt werden..

Error - 11/18/2011 6:52:33 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 11:52:33 - Fehler beim Herstellen der Internetverbindung. 11:52:33
- Serververbindung konnte nicht hergestellt werden..

Error - 11/18/2011 7:52:43 AM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 12:52:43 - Fehler beim Herstellen der Internetverbindung. 12:52:43
- Serververbindung konnte nicht hergestellt werden..

Error - 3/16/2012 10:15:20 PM | Computer Name = Engel-PC | Source = MCUpdate | ID = 0
Description = 03:15:15 - Fehler beim Herstellen der Internetverbindung. 03:15:15
- Serververbindung konnte nicht hergestellt werden..

[ System Events ]
Error - 7/5/2012 6:43:54 AM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 7:38:53 AM | Computer Name = Engel-PC | Source = DCOM | ID = 10010
Description =

Error - 7/5/2012 7:41:35 AM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 7:41:38 AM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 7:44:01 AM | Computer Name = Engel-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.

Error - 7/5/2012 7:44:01 AM | Computer Name = Engel-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.

Error - 7/5/2012 3:10:05 PM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 3:10:08 PM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 3:10:12 PM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

Error - 7/5/2012 3:10:14 PM | Computer Name = Engel-PC | Source = amdsata | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\RaidPort0 gefunden.

< End of report >

so, das sind meine bisherigen Aktivitäten.
Ich hoffe, hier kann jemand weiterhelfen. Ein dickes Danke und ein Lob für dieses Forum gibt es von mir hiermit im Voraus.

cosinus · 11.07.2012, 15:22

Code:

ATTFilter

Alien Skin Eye Candy 6.1.0 (6.5.8) for Photoshop\Core\CORE10k.EXE (Dont.Steal.Our.Software)

CORE ist ein bekannte (berüchtigte?) Crackergruppe. Die bringen nur Keygens und Cracks raus!

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials

Wie werde ich MyStart by Incredibar los?

Plagegeister aller Art und deren Bekämpfung: Wie werde ich MyStart by Incredibar los?

Wie werde ich MyStart by Incredibar los?

Wie werde ich MyStart by Incredibar los?

Ähnliche Themen: Wie werde ich MyStart by Incredibar los?