| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: VISTA,weißer Bildschirm, kein abgesicherter Modus :-(Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
21.01.2013, 20:49
| #1 |
| |  VISTA,weißer Bildschirm, kein abgesicherter Modus :-( Hallo, meinen Sohn hat es nun auch erwischt, habe mich ein bischen eingelesen und poste mal meine logfiles. ich hoffe es kann mir jemand helfen OTL.txt Code:
ATTFilter OTL logfile created on: 1/21/2013 8:26:12 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.90 Gb Total Space | 170.70 Gb Free Space | 59.29% Space Free | Partition Type: NTFS
Drive D: | 1.89 Gb Total Space | 1.88 Gb Free Space | 99.50% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell)
SRV - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (Realtek Semiconductor)
SRV - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (VBFilt) -- File not found
DRV - (VBEngNT) -- File not found
DRV - (SandBox) -- File not found
DRV - (NwlnkFwd) -- File not found
DRV - (NwlnkFlt) -- File not found
DRV - (MpKsla0a94a57) -- File not found
DRV - (IpInIp) -- File not found
DRV - (IntcHdmiAddService) Intel(R) -- File not found
DRV - (igfx) -- File not found
DRV - (ASWFilt) -- File not found
DRV - (ApfiltrService) -- File not found
DRV - (afwcore) -- File not found
DRV - (afw) -- File not found
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpKsl92e8952c) -- C:\Windows\System32\MpEngineStore\MpKsl92e8952c.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (risdptsk) -- C:\Windows\System32\drivers\risdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (PVUSB) -- C:\Windows\System32\drivers\CESG502.sys (Hitachi Semiconductor and Devices Sales Co.,Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\Ma77i_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Ma77i_ON_C\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\Ma77i_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2012/12/25 08:57:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/11 10:59:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/21 14:48:57 | 000,000,000 | ---D | M]
[2012/12/06 13:43:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/06 13:43:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/11 10:59:42 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/10/24 17:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/05/02 10:31:57 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/10/24 17:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/24 17:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/01/05 08:42:47 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/10/24 17:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/16 03:16:29 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/10/24 17:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/24 17:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\Ma77i\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Ma77i_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Ma77i_ON_C..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\Ma77i_ON_C..\Run: [Clownfish] C:\Program Files\Clownfish\Clownfish.exe (Bogdan Sharkov)
O4 - HKU\Ma77i_ON_C..\Run: [Facebook Update] C:\Users\Ma77i\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Ma77i_ON_C..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\Ma77i_ON_C..\Run: [Media Finder] File not found
O4 - HKU\Ma77i_ON_C..\Run: [MobileDocuments] File not found
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.10.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Ma77i_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Ma77i_ON_C Winlogon: Shell - (C:\Users\Ma77i\AppData\Roaming\skype.dat) - C:\Users\Ma77i\AppData\Roaming\skype.dat ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/01/21 20:24:02 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2013/01/21 20:06:40 | 000,000,000 | -HSD | C] -- C:\Users\All Users
[2013/01/21 20:03:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/21 13:42:09 | 000,000,000 | ---D | C] -- C:\Users
[2013/01/10 13:05:04 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/10 13:04:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/01/03 09:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
[2012/12/29 19:00:41 | 000,000,000 | ---D | C] -- C:\Users\Ma77i\AppData\Roaming\gtk-2.0
[2012/12/25 08:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012/12/25 08:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012/12/25 07:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/01/21 19:29:12 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/01/21 19:29:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/01/21 13:51:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/21 13:51:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/21 13:48:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 13:48:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 13:47:36 | 3186,651,136 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/21 13:41:27 | 313,125,249 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/01/21 10:30:19 | 000,000,004 | ---- | M] () -- C:\Users\Ma77i\AppData\Roaming\skype.ini
[2013/01/21 10:27:53 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/21 10:27:17 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/21 10:03:42 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/01/21 10:03:42 | 000,600,690 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/21 10:03:42 | 000,131,388 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/01/21 10:03:42 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/21 09:27:34 | 000,259,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/11 10:27:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/11 09:27:14 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/11 09:27:14 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/11 09:11:30 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2013/01/09 08:54:08 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000UA.job
[2013/01/09 08:54:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000Core.job
[2013/01/05 07:09:16 | 000,059,023 | ---- | M] () -- C:\Users\Ma77i\Desktop\27991_106086939564715_27429362_n[1].jpg
[2013/01/04 18:21:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/01/04 18:19:50 | 000,001,960 | ---- | M] () -- C:\Users\Ma77i\Desktop\iCloud.lnk
[2013/01/04 12:29:20 | 000,014,817 | ---- | M] () -- C:\Users\Ma77i\Documents\fv4005_stage2 (1).jpg
[2013/01/04 12:03:08 | 000,083,312 | ---- | M] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_2_280.jpg
[2013/01/04 12:03:05 | 000,072,291 | ---- | M] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_3_280.jpg
[2013/01/03 09:16:03 | 000,001,686 | ---- | M] () -- C:\Users\Ma77i\Desktop\Clownfish.lnk
[2013/01/03 09:16:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
[2012/12/30 07:13:54 | 000,075,899 | ---- | M] () -- C:\Users\Ma77i\Desktop\DIE RÜHLE.odt
[2012/12/28 16:00:13 | 000,001,191 | ---- | M] () -- C:\Users\Ma77i\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube to MP3 Converter.lnk
[2012/12/28 13:29:14 | 000,029,184 | ---- | M] () -- C:\Users\Ma77i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/25 08:57:53 | 000,001,191 | ---- | M] () -- C:\Users\Ma77i\Desktop\Free YouTube to MP3 Converter.lnk
[2012/12/25 08:57:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/12/25 07:39:25 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/25 07:39:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/21 19:29:12 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/01/21 19:29:12 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/01/21 09:45:00 | 3186,651,136 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/11 11:01:47 | 000,000,004 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\skype.ini
[2013/01/05 07:09:38 | 000,059,023 | ---- | C] () -- C:\Users\Ma77i\Desktop\27991_106086939564715_27429362_n[1].jpg
[2013/01/04 18:19:50 | 000,001,960 | ---- | C] () -- C:\Users\Ma77i\Desktop\iCloud.lnk
[2013/01/04 12:29:10 | 000,014,817 | ---- | C] () -- C:\Users\Ma77i\Documents\fv4005_stage2 (1).jpg
[2013/01/04 12:03:08 | 000,083,312 | ---- | C] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_2_280.jpg
[2013/01/04 12:03:05 | 000,072,291 | ---- | C] () -- C:\Users\Ma77i\Desktop\frisuren_fuer_maenner_3_280.jpg
[2012/12/29 19:22:41 | 000,075,899 | ---- | C] () -- C:\Users\Ma77i\Desktop\DIE RÜHLE.odt
[2012/12/28 16:00:13 | 000,001,191 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube to MP3 Converter.lnk
[2012/12/25 08:57:53 | 000,001,191 | ---- | C] () -- C:\Users\Ma77i\Desktop\Free YouTube to MP3 Converter.lnk
[2012/11/22 16:03:20 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/11/18 12:31:22 | 095,023,320 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012/02/10 09:41:01 | 000,056,320 | ---- | C] () -- C:\Users\Ma77i\AppData\Roaming\skype.dat
[2012/02/01 06:09:31 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2012/01/05 08:40:45 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2012/01/03 08:47:33 | 000,001,356 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\d3d9caps.dat
[2011/12/26 04:30:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/26 04:30:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/19 11:20:05 | 000,029,184 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/18 11:45:51 | 000,017,408 | ---- | C] () -- C:\Users\Ma77i\AppData\Local\WebpageIcons.db
[2010/06/08 08:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2010/06/08 08:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2009/05/15 12:22:04 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009/05/15 12:21:55 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/05/15 12:21:55 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/05/15 12:21:55 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/05/15 12:21:55 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009/05/15 12:21:55 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2009/05/15 04:05:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/05/15 03:57:27 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/05/15 03:04:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/01/21 02:15:58 | 000,644,136 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,131,388 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/12/01 04:36:02 | 000,011,264 | ---- | C] () -- C:\Windows\System32\sssegfilter.dll
[2006/12/01 04:36:00 | 000,217,088 | ---- | C] () -- C:\Windows\System32\ssminidriver.dll
[2006/12/01 04:35:58 | 000,027,136 | ---- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2006/12/01 04:35:54 | 000,010,752 | ---- | C] () -- C:\Windows\System32\sserrhandler.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,259,728 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,600,690 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,108,572 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2012/05/02 10:31:49 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Babylon
[2012/11/07 08:22:33 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\CASIO
[2012/12/25 08:57:53 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\DVDVideoSoft
[2012/12/25 08:57:55 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/12/29 19:02:44 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\gtk-2.0
[2011/12/25 06:11:14 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Leadertech
[2012/03/22 10:06:29 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\Media Finder
[2011/12/21 08:45:37 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\OpenOffice.org
[2012/11/24 05:09:03 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\TS3Client
[2012/11/23 11:34:21 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\ts3overlay
[2012/11/16 12:46:28 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\TuneUp Software
[2012/11/22 11:21:08 | 000,000,000 | ---D | M] -- C:\Users\Ma77i\AppData\Roaming\wargaming.net
[2012/12/25 07:39:24 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/11/01 04:30:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Age of Empires 3
[2012/11/16 13:37:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Agnitum
[2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/05/02 10:31:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2012/06/17 04:20:16 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2012/11/07 08:21:40 | 000,000,000 | ---D | M] -- C:\ProgramData\CASIO
[2012/11/16 12:45:37 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2012/01/06 14:34:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/03/22 09:54:30 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate
[2012/10/30 12:29:16 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2012/03/22 09:54:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Premium
[2012/01/01 12:39:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012/02/05 13:45:28 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/11/16 12:46:29 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2011/12/17 14:32:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/03/06 09:57:47 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2012/03/22 10:03:19 | 000,000,000 | ---D | M] -- C:\ProgramData\wxDfast
[2012/11/16 12:57:20 | 000,000,000 | -H-D | M] -- C:\ProgramData\{3192C226-BD81-479F-822D-6CF72EE1AB45}
[2012/02/01 06:17:45 | 000,000,000 | -HSD | M] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/03/24 04:04:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/11/16 12:45:37 | 000,000,000 | -HSD | M] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/01/09 08:54:01 | 000,001,116 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000Core.job
[2013/01/09 08:54:08 | 000,001,138 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-643174421-3187612993-1779399453-1000UA.job
[2013/01/21 13:51:30 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\unleashed.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\unknown.identity.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\Ohne Limit.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Ma77i\Desktop\Leg dich nicht mit Zohan an.avi:TOC.WMV
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
Code:
ATTFilter OTL Extras logfile created on: 1/21/2013 8:26:12 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.90 Gb Total Space | 170.70 Gb Free Space | 59.29% Space Free | Partition Type: NTFS
Drive D: | 1.89 Gb Total Space | 1.88 Gb Free Space | 99.50% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Users\Ma77i\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Users\Ma77i\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT1}_is1" = World of Tanks - Common Test
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Energie Verwaltung
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A049681D-5E6C-4F9B-9860-4289E7AEB426}" = fx-9860GII Manager PLUS (90 Day Trial)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EAC2DDAB-5035-44EE-AA13-65D40CF46FF1}" = Kabel Deutschland Installations-Software
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB47E710-6249-4EFA-BE36-E922B0612AF4}" = CASIO FA-124
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Clownfish" = Clownfish for Skype
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"dt icon module" =
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Google Chrome" = Google Chrome
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"IpodConverter_is1" = IpodConverter 1.1
"Kabel Deutschland Installations-Software" = Kabel Deutschland Installations-Software
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VAIO Help and Support" =
"VLC media player" = VLC media player 2.0.0
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\Ma77i_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FLV Player" = FLV Player
"Winamp Detect" = Winamp Erkennungs-Plug-in
< End of report >
|
| Themen zu VISTA,weißer Bildschirm, kein abgesicherter Modus :-( |
| .dll, adobe flash player, autorun, bho, bildschirm, bonjour, defender, desktop, error, explorer, firefox, flash player, format, helper, home, install.exe, launch, mp3, object, plug-in, realtek, registry, rundll, scan, security, software, teamspeak, vista |
Baum-Darstellung