03.01.2013, 12:55
|
#1 |
| |  GvU der zweite Streich
 Hier der 2. streich der Pc meiner frau Malwarebyte bereits erldigt.
Malware wurde durchgeführt gleich nachdem der gvu Bildschirm kam. noch vor dem ersten booten.
OTL extras Zitat:
OTL Extras logfile created on: 03.01.2013 00:08:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XXXXX\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 6,15 Gb Available Physical Memory | 77,26% Memory free
15,91 Gb Paging File | 13,85 Gb Available in Paging File | 87,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,18 Gb Total Space | 870,22 Gb Free Space | 94,47% Space Free | Partition Type: NTFS
Drive F: | 2,98 Mb Total Space | 2,98 Mb Free Space | 100,00% Space Free | Partition Type: FAT
Computer Name: OOO-DELL | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A1877E2-3058-4125-B75E-8E6AC9BCACFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0C008F3A-8F43-46A7-9E51-C0F4A4AA9E82}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D0B6C9B-BEF3-43A3-8F4D-770E628B3FEF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D9F535D-48D4-489A-845F-C7E3BE5DC5DA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11386393-529E-4E86-A567-281CF32C9723}" = lport=139 | protocol=6 | dir=in | app=system |
"{313E106B-C396-4B58-95DE-78C25E94E2A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3D0E8277-55AE-41B7-AEEF-4B3BE7B21495}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DBD29F7-E68A-456F-AD7C-CC4B6C917D6D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C1FA1E2-268E-4F28-8D12-FDC15ED198F6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{82A6FDAB-4105-4D18-AD92-61C97AF96380}" = rport=137 | protocol=17 | dir=out | app=system |
"{95996B62-3E9C-4D2B-B1F0-1D30804BC9FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C04BBD8-B8D0-4D57-AA69-E7210AD65E51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A1A84A01-A666-4659-A8DD-37480687F315}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AEAD77CE-BBAB-41A0-B9AD-44082277592B}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6C76B30-9CBA-4D93-9463-BA04B06C58DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{B8EA66F5-6B41-4167-9FBD-EF3B51D5463F}" = lport=445 | protocol=6 | dir=in | app=system |
"{BFDD2283-1BFD-4F72-BC14-EA6076E302B8}" = lport=137 | protocol=17 | dir=in | app=system |
"{D3B90446-A85B-486A-8110-B279C3E362C0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6CE785D-D776-4DEB-BB3E-B4FA88842290}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E93FC70C-AC0B-42D3-9F1E-CDE0C281CE1B}" = lport=138 | protocol=17 | dir=in | app=system |
"{F56CCEAF-9390-4D4E-BE53-62C35D40661F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F973A039-A8E1-4841-91D3-840D34E453F0}" = rport=139 | protocol=6 | dir=out | app=system |
"{FFDBE6F2-85A5-4E1A-86BC-C7E521BC767C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028FCDAD-B370-45D4-AAC2-3737462D311F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0EA8F705-66E8-4BA4-A465-9DE853611FCE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{1A6BB589-E48E-4640-9C6F-C4FFDB2E6DAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1EF080A4-931F-4C27-B129-98CF74E9A464}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2A32B403-656A-4746-A37C-B85D6125A951}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2BE6CDE0-129A-45E8-A380-CBB7EFD1787C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A42C32F-8A5D-43B0-84D5-CA0454F87ACC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3C2C30F3-BB51-4B6A-A9F1-782B3FEEB26B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{510EDFB3-0748-4D1F-AC35-09B5FA1CF856}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55F01DA8-5D17-487A-942C-9E0BFB80F5C2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6137A8C4-0AA9-48A8-A3F5-60C2C2CF791C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{62047110-0003-4FF1-B13D-C296E5B82F30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{660DD3A2-3932-486A-ABC3-DEE85EFBD726}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7003E433-5AED-437B-AAC8-4C9EB92BA227}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7A643BB3-C358-4D91-9D81-B9B59C866FFE}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7B698536-4323-4F9C-B1D4-57C4943CCDE3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83552D5D-C1FD-4808-9D65-DFDA7C540957}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8A3BB442-CC50-452B-A2B1-8C317FD593F2}" = protocol=6 | dir=out | app=system |
"{8A71CD46-5AB6-43FD-BCD8-ACAE7FE4278B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BBC92FC-44F6-4A33-AA00-5804042851A5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AAACE612-590A-41BC-AA3F-A37D0B0D08AC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BB9B86DB-F795-4EBE-A0C5-7C920E049504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C915A699-CC34-402E-9036-244722CAE9D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9BB5E0C-6BB1-4256-884A-E14A6FF1EF70}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6442C5A-6C81-48CF-875A-713A88DBB7BB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D878B432-8FB2-4EE7-B6DA-536DE0D590EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F42B92CC-790E-47B3-B2BC-D1D3E79A9942}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F6A90F62-0F4A-4269-89F2-204F659F39F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{4EA3E609-CA21-4856-A4BE-E84D2A61F0DB}C:\program files (x86)\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!\frifax32.exe |
"TCP Query User{A7993D48-55AA-40FB-A1EA-92A9C31E2E77}C:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=6 | dir=in | app=c:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"UDP Query User{6FF948E8-8516-4885-AEDF-0309936316A4}C:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp" = protocol=17 | dir=in | app=c:\users\XXXXX\appdata\local\temp\_istmp1.dir\_ins5576._mp |
"UDP Query User{8B166642-4737-472C-B4E1-2FA506286CEB}C:\program files (x86)\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!\frifax32.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{100E94A6-F85A-E828-9EE3-C1DD14706B6A}" = AMD Catalyst Install Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9
"{30C2392C-C7D6-4FE2-9617-05D2C6E9D3EE}" = Wave Infrastructure Installer
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID
"{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50B4B603-A4C6-4739-AE96-6C76A0F8A388}" = Dell Backup and Recovery Manager
"{5F5CBF39-BD29-43C8-B63A-B9758F0FD090}" = EMBASSY Client Core
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6438A99C-A37E-4758-A0AE-95F8A63AAFF5}" = Intel(R) Network Connections 16.8.45.00
"{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D021AEE9-18D2-1F56-46DA-CD72CA3E97F0}" = ccc-utility64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E9A97832-83B6-42B6-BAC6-492E344C2561}" = NTRU TCG Software Stack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess
"9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PROSetDX" = Intel(R) Network Connections 16.8.45.00
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{041EDAC5-853E-4A10-A0C8-ED0CF7769306}" = PE-DESIGN NEXT
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{123DE6D6-9566-4777-AC81-E6D86FFA95DA}" = HL-4140CN
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210DD1FC-AAF8-4357-25FE-89E699BDB62E}" = CCC Help Greek
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27B201A5-A73B-1E7E-0C62-978A1B4A6696}" = CCC Help Danish
"{29725F9E-027A-22DC-7B17-9413A5C5E51C}" = CCC Help Polish
"{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}" = Dell Client System Update
"{2E1BA46C-A45B-F2C8-1197-0CEB4EB77F70}" = CCC Help Hungarian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3528D412-5EEA-AAEA-AF64-9ADEE903D7D5}" = CCC Help English
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{383FCD28-9484-48AC-9397-C8FCD9D8F76E}" = Catalyst Control Center - Branding
"{39D555D6-3DB9-B304-042B-185E5FEBEF97}" = Catalyst Control Center InstallProxy
"{3D8BC028-6977-2124-8314-A480AFD53C20}" = CCC Help Korean
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F5AF1A5-68C6-63B6-9550-B0BBDEFCA76F}" = CCC Help Chinese Standard
"{40B415DD-63CB-7269-F7F8-BD2A06792785}" = CCC Help French
"{4587AD12-30F6-F902-299B-BD8428E7F090}" = Catalyst Control Center
"{48614A34-564D-1F2B-7D2E-8814113BDEA8}" = CCC Help Dutch
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B055C77-BC0F-623F-5A73-F7D5012987DB}" = CCC Help Finnish
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{54ED5964-9FEF-C9F8-F5D7-2663AFFD0C13}" = CCC Help Czech
"{63218538-4A69-497F-8455-904261B0E9E4}" = CorelDRAW Graphics Suite X3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{703BB500-F54C-4F33-9D3C-D7A28CEAFBCF}" = toolkit32for64bit
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{751F6C35-7A18-EAB6-AD50-ADAA4C5DD103}" = Catalyst Control Center Profiles Desktop
"{768012C6-AB93-3FDE-C3F6-6C0606948568}" = CCC Help Italian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C07322-CA1D-98B6-14CE-476F125081B2}" = CCC Help Swedish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{850C7BC5-8CBC-4635-552E-C0AD6A0EA01E}" = Catalyst Control Center Graphics Previews Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B8EE744-5D73-3AAC-52FB-43517C1CFA0B}" = CCC Help Spanish
"{8C0600A3-E772-4FC8-A67D-ED110E69665C}" = Wave Crypto Runtime 2.0.7.0 x86
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA6A274-9C75-40B4-991F-01482D89D1A7}" = Linkury Smartbar
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3A232F-57E6-595E-1F77-637AFF16580C}" = CCC Help Thai
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A282AFAB-F862-FF2E-44FB-22AA15E54AAA}" = CCC Help Chinese Traditional
"{A69EAF80-2710-6AD2-8515-2C27CE1B5802}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE72A9DF-CF98-6D61-841E-32EBD9A2A74E}" = CCC Help Portuguese
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B15E6BBB-6AB4-3B2B-54AE-A1B874FA5469}" = CCC Help German
"{B202B201-5D15-4CA7-A978-047AB4A28960}" = PE-DESIGN Ver.6
"{BA02FAF3-7AEE-4B07-A7F8-5AF7F81EB940}" = DRAWings X3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6A344E9-6D72-560C-4A5E-93E6CA0EDDF7}" = CCC Help Russian
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C9FB6FFC-B3D2-4AA0-AC05-73DB7796B638}" = DE
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D10D4895-3630-B0A7-B575-7D1735E588A7}" = CCC Help Norwegian
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3C7FDC9-0B49-A5EC-7987-3C17D7045462}" = CCC Help Japanese
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBFD7411-739D-B207-5B40-59EF15873810}" = Catalyst Control Center Localization All
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CDex" = CDex - Open Source Digital Audio CD Extractor
"DAEMON Tools Lite" = DAEMON Tools Lite
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2093221596-2903614234-1127370746-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1" = Albelli Fotobücher
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 07.12.2012 09:31:25 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =
Error - 07.12.2012 13:23:15 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =
Error - 07.12.2012 13:31:34 | Computer Name = OOO-Dell | Source = WinMgmt | ID = 10
Description =
[ DRAWings Events ]
Error - 08.12.2012 08:02:10 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 08.12.2012 08:02:45 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 08.12.2012 08:03:04 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 08.12.2012 08:03:36 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4001
Description = CBU key not attached
Error - 09.12.2012 05:25:16 | Computer Name = OOO-Dell | Source = DRAWingsApp | ID = 4003
Description = Last exception was unhandled.
[ System Events ]
Error - 11.12.2012 19:52:29 | Computer Name = OOO-Dell | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk2\DR10.
Error - 11.12.2012 19:52:29 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR10
gefunden.
Error - 15.12.2012 11:54:02 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.
Error - 15.12.2012 11:54:03 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.
Error - 15.12.2012 11:54:03 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR11
gefunden.
Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.
Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.
Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.
Error - 16.12.2012 18:04:45 | Computer Name = OOO-Dell | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR19
gefunden.
Error - 26.12.2012 17:08:19 | Computer Name = OOO-Dell | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NTRU TSS v1.2.1.37 TCS" ist vom Dienst "TPM-Basisdienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0
< End of report >
|
|
Baum-Darstellung