| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: e621ca05- externe Festplatte nicht erreichbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.10.2012, 15:01
| #1 |
| |  e621ca05- externe Festplatte nicht erreichbar HAllo Guten Tag kurzes und seriöses Problem über Skype hat sich ein Trojaner eingenistet-wie ich rausfand der Trojaner e621ca05 Norton AntiVirus hatte es auch als solches erkannt und beseitigt- ich hatte auch das system eine woche vorher wiederhergestellt- das Problem ist jetzt natürlich - das die EXTERNE Festplatte nur noch Verknüpfungen auf den trojaner anzeigt Frage 1: ist das problem erledigt indem ich die Festplatte (externe) komplett lösche bzw gibt es ein einfach zu bedienendes tool dafür UND ich ausserdem den PC neu mit w 7 bespiele ?? Frage 2: ich habe schon einen otl test den ich nicht entschlüsseln kann mangels fachwissen, hab den mal im anhang - da gibt es dann noch einen Ich bitte Euch mir Schritt für Schritt zu helfen, und mal die texte und logs mit durchzulesen um Hilfe stellung zu geben - diese Kreuz und Quer vernetzen überfordert mich doch etwas - vielen dank |
|
03.10.2012, 15:38
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | e621ca05- externe Festplatte nicht erreichbarZitat:
 Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
03.10.2012, 16:09
| #3 |
| | e621ca05- externe Festplatte nicht erreichbar Danke für die flotte Antwort- für mich ist alles Neuland-sorry für mein Halbwissen- wo kann ich bei meinem Norton 2012 die logs finden ? Die sind ja sicher noch gespeichert ...
__________________cccleaner hab ich schon durchlaufen lassen otl scan ergab otl text OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 10/3/2012 5:00:16 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hauptklapperkiste\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.96 Gb Total Physical Memory | 5.82 Gb Available Physical Memory | 73.11% Memory free
15.92 Gb Paging File | 13.68 Gb Available in Paging File | 85.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1848.98 Gb Total Space | 1656.03 Gb Free Space | 89.56% Space Free | Partition Type: NTFS
Drive D: | 13.94 Gb Total Space | 1.72 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465.65 Gb Total Space | 48.15 Gb Free Space | 10.34% Space Free | Partition Type: FAT32
Computer Name: HAUPTKLAPPERKIS | User Name: Hauptklapperkiste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/03 15:24:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hauptklapperkiste\Downloads\OTL (2).exe
PRC - [2012/10/02 08:02:54 | 002,201,112 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012/09/24 13:56:20 | 000,379,392 | ---- | M] (Babylon Ltd.) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarsrv.exe
PRC - [2012/09/21 13:01:01 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
PRC - [2012/09/09 13:04:48 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/08/04 10:45:07 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/12/21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/09/28 21:59:06 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010/09/28 18:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/03/04 06:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 06:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2008/11/20 20:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/04/18 17:39:18 | 000,161,160 | R--- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\Program Files (x86)\Panasonic\VideoCamSuite\VideoCamSuiteAutoStart.exe
PRC - [2007/06/15 12:57:42 | 000,145,504 | R--- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
========== Modules (No Company Name) ==========
MOD - [2012/10/02 08:02:54 | 002,201,112 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012/10/02 08:02:30 | 002,105,368 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012/09/24 13:55:12 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\escortShld.dll
MOD - [2012/09/09 13:04:47 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/09/09 13:04:46 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/09/09 13:04:46 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012/09/09 13:04:46 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/09/09 13:04:46 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/14 14:12:31 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/14 14:12:25 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/05/10 12:17:00 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\73baa23d28d21c7c01e334211330a84e\IAStorUtil.ni.dll
MOD - [2012/05/10 11:04:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 11:03:55 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/10 11:03:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/10 11:03:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/10 11:03:48 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/10 11:03:40 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2011/02/04 11:55:53 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011/02/04 11:55:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/09/28 22:09:00 | 001,700,920 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\PictureMover\DE-DE\Presentation.dll
MOD - [2010/09/28 21:59:20 | 012,286,008 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2009/07/14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2008/08/05 14:57:08 | 000,163,840 | R--- | M] () -- C:\Program Files (x86)\Panasonic\VideoCamSuite\MSResource\MSTextResource.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/08/06 05:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/10/02 08:02:54 | 002,201,112 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012/09/21 14:01:14 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/09 13:04:48 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/18 15:40:09 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)
SRV - [2011/12/21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/09/28 18:09:28 | 001,119,768 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/06/19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/06/02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 06:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/15 12:57:42 | 000,145,504 | R--- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/07/06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/06/01 23:18:34 | 000,041,224 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2012/05/22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/05/16 03:10:14 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/04/18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/03/27 12:08:45 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/03 08:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/07/22 05:57:22 | 001,002,848 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010/06/22 03:07:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/04/08 21:13:30 | 001,757,952 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer7231_x64.sys -- (AVer7231_x64)
DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/11/14 01:20:14 | 000,039,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys -- (CXCIR)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/08/25 14:36:00 | 000,039,208 | R--- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2012/10/03 15:11:24 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121002.025_aab\ex64.sys -- (NAVEX15)
DRV - [2012/10/03 15:11:24 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121002.025_aab\eng64.sys -- (NAVENG)
DRV - [2012/10/02 16:29:00 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121002.001_abc\IDSviA64.sys -- (IDSVia64)
DRV - [2012/09/28 01:02:52 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001_aa5\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/21 01:12:19 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/21 01:12:19 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No CLSID value found
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=114435&tt=031012_ccp_4012_4&babsrc=SP_ss&mntrId=20847b580000000000001c659deba881
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{950FA98F-C256-4B89-A174-4A070CBA91DD}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=342&systemid=406&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=19
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6PQLvQWT44&i=26
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb174?a=6PQLvQWT44&i=26"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}:10.13.1.99
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.28.11
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&a=6PQLvQWT44&&i=26&search="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb174?a=6PQLvQWT44&i=26"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}:10.13.1.99
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.28.11
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&a=6PQLvQWT44&&i=26&search="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb174?a=6PQLvQWT44&i=26"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}:10.13.1.99
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.28.11
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&a=6PQLvQWT44&&i=26&search="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "hxxp://mystart.incredibar.com/mb174?a=6PQLvQWT44&i=26"
FF - prefs.js..extensions.enabledAddons: {EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}:10.13.1.99
FF - prefs.js..extensions.enabledAddons: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.28.11
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&a=6PQLvQWT44&&i=26&search="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/10/03 14:57:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/10/03 16:47:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/18 15:40:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/10/03 15:19:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/18 15:40:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012/09/15 16:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Extensions
[2012/10/03 15:19:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions
[2012/09/15 14:34:51 | 000,000,000 | ---D | M] (DVDVideoSoftTB DE) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2012/09/16 16:46:27 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012/10/03 14:58:25 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/10/03 14:57:15 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions\ich@maltegoetz.de
[2012/06/05 13:33:00 | 000,000,000 | ---D | M] (KMPlayer Toolbar) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\Firefox\Profiles\vx1jvltn.default\extensions\toolbar@ask.com
[2012/09/10 13:39:32 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/10/03 15:19:50 | 000,002,547 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\searchplugins\browsemngr.xml
[2012/10/03 15:20:36 | 000,000,949 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\searchplugins\conduit.xml
[2012/10/03 15:20:05 | 000,002,203 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\searchplugins\MyStart Search.xml
[2012/06/08 16:56:27 | 000,002,519 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\searchplugins\Search_Results.xml
[2012/09/10 13:39:23 | 000,003,915 | ---- | M] () -- C:\Users\Hauptklapperkiste\AppData\Roaming\mozilla\firefox\profiles\vx1jvltn.default\searchplugins\sweetim.xml
[2012/09/15 16:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/10/03 15:19:50 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.762.17\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012/07/18 15:40:10 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/10/03 15:19:14 | 000,002,360 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/06/21 13:16:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/08 16:56:27 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
========== Chrome ==========
CHR - homepage: hxxp://www.searchnu.com/406
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=342&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.searchnu.com/406
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: KMPlayer Toolbar = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.15.2.0_0\
CHR - Extension: YouTube = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: KMPlayer Toolbar = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.15.2.0_0\
CHR - Extension: YouTube = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Hauptklapperkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-765109005-3389052130-1424812353-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-765109005-3389052130-1424812353-1000..\Run: [GoogleChromeAutoLaunch_ACFA7A769AFC973F18883669C5ACF3C3] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-765109005-3389052130-1424812353-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFEA4716-018D-4CEF-B8E2-D603F84986A3}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/10/03 16:40:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/03 16:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/10/03 16:35:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/03 15:37:33 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\Desktop\Neuer Ordner
[2012/10/03 15:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PricePeep
[2012/10/03 15:19:51 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/10/03 15:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/10/03 15:19:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2012/10/03 15:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/10/03 15:18:57 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Babylon
[2012/09/30 16:32:49 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Malwarebytes
[2012/09/30 16:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/30 16:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/30 16:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/26 16:07:10 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\Desktop\Schulanfang Luisa fotos
[2012/09/16 16:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB
[2012/09/15 16:06:11 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\TuneUp Software
[2012/09/15 16:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/09/15 16:06:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/09/15 16:06:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/15 16:03:07 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/09/15 16:02:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/09/15 16:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012/09/15 16:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012/09/15 14:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/09/15 14:34:13 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Local\Conduit
[2012/09/15 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\OpenCandy
[2012/09/10 15:55:15 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Apple Computer
[2012/09/10 15:55:15 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Local\Apple Computer
[2012/09/10 15:54:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012/09/10 15:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/09/10 15:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/09/10 15:52:04 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Local\Apple
[2012/09/10 15:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/09/10 15:51:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/10 15:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/10 15:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/09/10 15:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/09/10 15:51:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/09/10 14:13:54 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Panasonic
[2012/09/10 14:13:46 | 000,000,000 | ---D | C] -- C:\MC_TMP
[2012/09/10 14:04:03 | 000,039,208 | R--- | C] (B.H.A Corporation) -- C:\Windows\SysNative\drivers\cdrbsdrv.sys
[2012/09/10 14:04:02 | 000,145,504 | R--- | C] (B.H.A Corporation) -- C:\Windows\SysWow64\bgsvcgen.exe
[2012/09/10 14:04:02 | 000,059,488 | R--- | C] (B.H.A Corporation) -- C:\Windows\SysWow64\GenSvcInst.exe
[2012/09/10 14:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
[2012/09/10 14:03:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panasonic
[2012/09/10 14:02:23 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\AppData\Roaming\InstallShield
[2012/09/10 13:39:29 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\Tracing
[2012/09/10 13:39:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2012/09/09 13:47:03 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\Documents\Klardenker-CD
[2012/09/07 20:13:10 | 000,000,000 | ---D | C] -- C:\Users\Hauptklapperkiste\Desktop\FOTOS2012
========== Files - Modified Within 30 Days ==========
[2012/10/03 17:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/03 16:54:49 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/03 16:54:49 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/03 16:53:15 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/03 16:53:15 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/10/03 16:53:15 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/03 16:53:15 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/10/03 16:53:15 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/03 16:47:16 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 16:47:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/03 16:46:53 | 2115,301,375 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/03 16:44:57 | 000,005,822 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\cc_20121003_164451.reg
[2012/10/03 16:35:45 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/03 16:34:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 18:18:56 | 000,382,868 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\island[1].pdf
[2012/09/30 18:17:28 | 002,717,278 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\compact-zinsen-rico-albrecht[1].pdf
[2012/09/27 21:47:58 | 001,511,892 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\Outlook-2012-Sampler[1].pdf
[2012/09/27 13:00:56 | 000,449,656 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\Das-Euro-Desaster[1].pdf
[2012/09/26 12:34:14 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1309000.009\isolate.ini
[2012/09/24 12:16:56 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHauptklapperkiste.job
[2012/09/22 21:22:18 | 002,071,677 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012/09/20 14:19:02 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHAUPTKLAPPERKIS$.job
[2012/09/20 13:59:32 | 006,168,775 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\Widerstand[1].pdf
[2012/09/16 16:46:29 | 000,000,009 | ---- | M] () -- C:\END
[2012/09/15 17:08:02 | 000,476,023 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\Erwache2.pdf
[2012/09/15 17:04:57 | 005,598,369 | ---- | M] () -- C:\Users\Hauptklapperkiste\Documents\Erwache1.pdf
[2012/09/15 16:03:02 | 000,001,241 | ---- | M] () -- C:\Users\Hauptklapperkiste\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/10 14:04:13 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\VideoCam Suite.lnk
[2012/09/10 14:03:53 | 000,001,040 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Auto Run von VideoCam Suite 1.0.lnk
[2012/09/04 22:30:05 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2012/10/03 16:44:55 | 000,005,822 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\cc_20121003_164451.reg
[2012/10/03 16:35:45 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/30 18:19:48 | 002,717,278 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\compact-zinsen-rico-albrecht[1].pdf
[2012/09/30 18:19:02 | 000,382,868 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\island[1].pdf
[2012/09/27 21:53:36 | 001,511,892 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\Outlook-2012-Sampler[1].pdf
[2012/09/27 13:01:35 | 000,449,656 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\Das-Euro-Desaster[1].pdf
[2012/09/20 14:17:28 | 006,168,775 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\Widerstand[1].pdf
[2012/09/15 17:08:56 | 000,476,023 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\Erwache2.pdf
[2012/09/15 17:07:50 | 005,598,369 | ---- | C] () -- C:\Users\Hauptklapperkiste\Documents\Erwache1.pdf
[2012/09/15 16:03:02 | 000,001,241 | ---- | C] () -- C:\Users\Hauptklapperkiste\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/15 14:35:00 | 000,000,009 | ---- | C] () -- C:\END
[2012/09/10 14:04:12 | 000,001,207 | ---- | C] () -- C:\Users\Public\Desktop\VideoCam Suite.lnk
[2012/09/10 14:03:53 | 000,001,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Auto Run von VideoCam Suite 1.0.lnk
[2012/06/22 15:20:48 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012/06/22 15:15:43 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012/02/27 18:24:02 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/02/17 02:47:37 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012/02/16 21:39:36 | 000,007,605 | ---- | C] () -- C:\Users\Hauptklapperkiste\AppData\Local\Resmon.ResmonCfg
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin
[2011/02/04 12:12:08 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin
[2011/02/04 12:12:08 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_8a.bin
[2011/02/04 12:12:08 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin
[2011/02/04 12:12:08 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_180F1461_ca.bin
[2011/02/04 12:12:08 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin
[2011/02/04 12:12:08 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin
[2011/02/04 11:34:42 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/02/04 11:22:39 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/10/03 15:18:57 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Babylon
[2012/02/24 17:07:30 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Canneverbe Limited
[2012/10/02 16:15:33 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoft
[2012/09/15 16:03:07 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/07 14:41:40 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\HD Tune Pro
[2012/09/15 16:03:27 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\OpenCandy
[2012/09/10 14:13:54 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\Panasonic
[2012/02/16 18:03:49 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\PictureMover
[2012/09/15 16:06:11 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\TuneUp Software
[2012/02/18 15:57:22 | 000,000,000 | ---D | M] -- C:\Users\Hauptklapperkiste\AppData\Roaming\WinBatch
========== Purity Check ==========
< End of report >
[code] und OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 10/3/2012 3:32:23 PM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Users\Hauptklapperkiste\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.96 Gb Total Physical Memory | 5.28 Gb Available Physical Memory | 66.35% Memory free
15.92 Gb Paging File | 12.78 Gb Available in Paging File | 80.26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1848.98 Gb Total Space | 1599.76 Gb Free Space | 86.52% Space Free | Partition Type: NTFS
Drive D: | 13.94 Gb Total Space | 1.72 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 465.65 Gb Total Space | 21.43 Gb Free Space | 4.60% Space Free | Partition Type: FAT32
Computer Name: HAUPTKLAPPERKIS | User Name: Hauptklapperkiste | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{50B6F59A-CC0F-4BB9-AD83-53A780A948A3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8DD935D7-D6A9-4B11-BD70-1F3184BE71A5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02AF241D-0179-4327-99F3-FDDD508F8CDD}" = dir=in | app=c:\program files (x86)\tmbot\tm.exe |
"{05D6AC8A-530E-4455-9791-8667F6294A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{06F14512-6B93-4A4F-AC62-EE3B3DA85739}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0D00679A-BFF9-4A8A-B996-E3BC70CB8003}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{0D9E4D4D-0B39-42DE-B82B-CF8F57D24E4F}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{1CDA2382-2B4C-40A7-8AD2-AE2170A0F8C9}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{292C0AD7-F830-4D30-A5A9-D87D487FA49B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{349C6F1A-EFCF-4063-B0F5-C1C0E78B32EC}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{3BBE74FF-D46A-4106-AD98-A237655E6D22}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3F3FD5C6-17CD-4EE2-91AE-96490679ECD7}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{40A1180A-2DCD-459F-AE33-0D39ED422ED8}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{42B5F65A-D659-42D1-88B3-A8EA7FC82F4D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{45E8B3DC-3D5B-469D-BCFA-A79760FEC1C2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{49439DFC-2555-40BD-A6BD-4999D3B9DC32}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{5A9D9E2B-2BD7-41A7-873A-F114678033AF}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{5E169857-5E3C-4BE2-BB00-D62E2CDCD4CD}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{5F7E1606-5AC8-409A-BCBB-E841D5075D9F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{60133666-0A7A-4905-B7AF-B28999B41020}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{746ED2EA-2497-49C3-8BBE-D5346256D909}" = dir=out | app=c:\program files (x86)\tmbot\tm.exe |
"{7BBE6AB9-799B-423D-881D-A0DF9B39A966}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{857A1E50-AAEE-4ACA-B6F6-5F48CA8A6B3C}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{867DDCBE-3E25-4801-BB0F-4A8FE4CDA81D}" = dir=in | app=c:\program files (x86)\tmbot\dj-browser.exe |
"{9C688191-FD3A-4F78-B7D4-76F98EAB8687}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe |
"{B1BC59A0-89C3-4A1A-8846-6D5974203816}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B6D13876-510F-4336-9B0A-0659B95E58AF}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{B71A1370-C4E1-4D5C-AFB5-A45ED6564807}" = dir=in | app=c:\program files (x86)\tmbot\tm-update.exe |
"{B7B557B9-9947-4FDB-8D90-225FE2F09C2C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{B9439471-AB28-441F-986B-07B5E0B202C4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C035AE26-867F-413F-9747-B4FB2089B29F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C793B4C2-5A3B-4DF5-BB73-6B92859F9D96}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{C8BCD584-8088-4822-8FA1-B7D8BC559435}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\r.u.s.e\ruse.exe |
"{CAD1EF0E-43D9-42ED-AD12-9641A1B23BB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CD314CEC-4ADF-49BE-9EFE-311A008522A0}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{CFCFEDCF-FD0A-46DC-A929-016BB2B7B494}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{D66892FE-8F22-458A-B156-6E4D3C1C3F7C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{D95BFF1E-C02A-45A5-BD6D-179525D1FD3F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{E363E1DF-044B-4CAE-9DBF-50A8FCF90003}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{E9A867AF-B371-4922-88CE-19CA2FCC74A0}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{E9AF6F2C-6FDA-4025-B6CB-EE7280BD5D7A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{EDF0FD53-E866-4A13-80E5-B6DD56991478}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{F9AAE966-D8C7-4A4F-9493-9C9F6567BCB9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{FDD6F865-0E7C-40E6-AB27-164A67C9501A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}" = HP MediaSmart SmartMenu
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00030407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{465210C4-595A-BD80-44E8-E0457D9D8432}" = Zinio Reader 4
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{53469506-A37E-4314-A9D9-38724EC23A75}" = HP Setup
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{8113EBFB-1524-4202-AECF-5F2C037FEF8C}" = VideoCam Suite
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9EDF1A5D-D8E0-413E-9782-75DD4A8C831B}" = VideoCam Suite 1.0
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BabylonToolbar" = Babylon toolbar
"Canon iP4500 series Benutzerregistrierung" = Canon iP4500 series Benutzerregistrierung
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Company of Heroes" = Company of Heroes
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Free Studio_is1" = Free Studio version 5.7.3.915
"Google Chrome" = Google Chrome
"HP Remote Solution" = HP Remote Solution
"iLivid" = iLivid
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"NIS" = Norton Internet Security
"PDF Complete" = PDF Complete Special Edition
"PricePeep" = PricePeep for Internet Explorer
"Softonic" = Softonic toolbar on IE
"Steam App 21970" = R.U.S.E
"Steam App 8930" = Sid Meier's Civilization V
"The KMPlayer" = The KMPlayer (remove only)
"TMbot_0" = TMbot 4.9.0
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087330" = Bounce Symphony
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089303" = Build-a-Lot - The Elizabethan Era
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = KMPlayer Toolbar Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 9/20/2012 7:09:20 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033242 ID des fehlerhaften
Prozesses: 0x1710 Startzeit der fehlerhaften Anwendung: 0x01cd971f6492e895 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: a00562df-0313-11e2-9e51-6c626dba2250
Error - 9/20/2012 8:26:51 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033242 ID des fehlerhaften
Prozesses: 0x142c Startzeit der fehlerhaften Anwendung: 0x01cd9720d0fe1276 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 73be8a26-031e-11e2-9e51-6c626dba2250
Error - 9/20/2012 8:26:52 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce903 ID des fehlerhaften
Prozesses: 0x142c Startzeit der fehlerhaften Anwendung: 0x01cd9720d0fe1276 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 74dd44c9-031e-11e2-9e51-6c626dba2250
Error - 9/20/2012 8:29:00 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033242 ID des fehlerhaften
Prozesses: 0x304 Startzeit der fehlerhaften Anwendung: 0x01cd972b3b74093b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c124c0b7-031e-11e2-9e51-6c626dba2250
Error - 9/22/2012 9:52:47 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00032f02 ID des fehlerhaften
Prozesses: 0x504 Startzeit der fehlerhaften Anwendung: 0x01cd98c3b545a81e Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: c9fc20e9-04bc-11e2-bdf0-6c626dba2250
Error - 9/22/2012 1:06:37 PM | Computer Name = Hauptklapperkis | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 9/23/2012 9:14:39 AM | Computer Name = Hauptklapperkis | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 9/23/2012 9:49:06 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00033242 ID des fehlerhaften
Prozesses: 0x580 Startzeit der fehlerhaften Anwendung: 0x01cd997c9d06e0ca Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 70fc3a0c-0585-11e2-9380-6c626dba2250
Error - 9/24/2012 8:18:51 AM | Computer Name = Hauptklapperkis | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16450,
Zeitstempel: 0x503723f6 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00032f02 ID des fehlerhaften
Prozesses: 0xf60 Startzeit der fehlerhaften Anwendung: 0x01cd9a3dcbf98402 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: ffb60dcd-0641-11e2-9e52-6c626dba2250
Error - 9/24/2012 9:58:10 AM | Computer Name = Hauptklapperkis | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
[ Hewlett-Packard Events ]
Error - 5/10/2012 7:33:28 AM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 4000
Description =
Error - 5/12/2012 3:02:15 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/12/2012 3:02:15 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/14/2012 6:51:23 AM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/19/2012 3:03:31 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/19/2012 3:03:31 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/26/2012 3:19:41 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 5/26/2012 3:19:41 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
Error - 6/2/2012 3:56:59 PM | Computer Name = Hauptklapperkis | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Das Objekt des Typs "System.DBNull"
kann nicht in Typ "System.String" umgewandelt werden. StackTrace: bei HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: de-DE RAM: 8151 Ram Utilization: TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)
[ System Events ]
Error - 9/7/2012 10:59:15 AM | Computer Name = Hauptklapperkis | Source = BugCheck | ID = 1001
Description =
Error - 9/7/2012 10:59:44 AM | Computer Name = Hauptklapperkis | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 9/7/2012 10:59:44 AM | Computer Name = Hauptklapperkis | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 9/9/2012 7:05:04 AM | Computer Name = Hauptklapperkis | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 9/9/2012 7:05:04 AM | Computer Name = Hauptklapperkis | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 9/9/2012 8:22:03 AM | Computer Name = Hauptklapperkis | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 9/11/2012 8:12:46 AM | Computer Name = Hauptklapperkis | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?09.?2012 um 13:59:41 unerwartet heruntergefahren.
Error - 9/11/2012 8:15:40 AM | Computer Name = Hauptklapperkis | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?11.?09.?2012 um 14:13:39 unerwartet heruntergefahren.
Error - 9/13/2012 2:50:34 AM | Computer Name = HAUPTKLAPPERKIS | Source = BugCheck | ID = 1001
Description =
Error - 9/13/2012 12:11:35 PM | Computer Name = Hauptklapperkis | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
< End of report >
[code] Habe im Norton Verlauf gefunden das der Trojaner kaum benutz wurde , seit einer Woche erts bei norton bekannt ist und manuell in Quarantäne isoliert ist. Ich aknn den jetzt wiederherstellen, löschen oder an Symntec schicke, wie ich den log bekomm steht da leider nicht So gibt ledier noch ein probelm-deswegen schreib ich vom 2. pc - der 1. betroffene hat jetzt ein shut down windows 7 - das heisst es läuft eine re-installation nach werkseinstellung-lies sich nicht vermeiden-was kann ich jetzt noch tun mit der externen festplatte ? |
|
03.10.2012, 19:38
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | e621ca05- externe Festplatte nicht erreichbar Hast du kein Handbuch zu deinem Kommerz-Scanner von Norton?  Wie können hier nun wirklich nicht zu jedem der Dutzenden Virenscanner in jeder Version die es gibt eine bebilderte Anleitung aus dem Ärmel schütteln
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu e621ca05- externe Festplatte nicht erreichbar |
| anhang, antivirus, einfach, entschlüsseln, erkannt, erledigt, erreichbar, externe festplatte, festplatte, guten, komplett, natürlich, neu, platte, problem, schlüsseln, skype, system, test, texte, tool, trojaner, vernetzen, woche |
Linear-Darstellung
