|
Log-Analyse und Auswertung: Daten auf Festplatte überspielen und neu aufsetzen nach GVU-TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
31.03.2013, 14:02 | #1 |
| Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner Hallo Community, was ich hier schildere ist mein erstes Virenproblem und somit auch meine erste Erfahrung im "Beseitigen" dieser. Ich bitte daher um Nachsicht, falls ich mich etwas ungeschickt anstellen sollte. Hier mein Fall: Auch mich erwischte der GVU-Trojaner vor einiger Zeit, mir wurde geraten, einfach das System wiederherzustellen und ich könnte wieder auf den Desktop zugreifen. Dies funktionierte auch prima und alles ist wie eh und je. Jetzt hab ich gelesen, dass der Trojaner immer noch "im verborgenen" im Pc festsitzt und möglicherweise sogar meine Daten ausspioniert. Deswegen möchte ich jetzt gerne meinen PC "neu aufsetzen", vorher jedoch wichtige Bilder und Daten auf eine (neue, nicht befallene) externe Festplatte überspielen, ohne dass mir dabei die Festplatte verseucht wird. Ich habe bereits etwas von einer "Live-Disc" gehört, weiß aber nicht so recht damit etwas anzufangen. Über eine Schritt für Schritt-Anleitung wäre ich dankbar. Liebe Grüße |
01.04.2013, 14:42 | #2 |
/// Helfer-Team | Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojanerlass uns erst schauen, ob aktive Malware vorhanden ist: Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers dann: Systemscan mit OTL (bebilderte Anleitung) Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe
__________________ |
10.04.2013, 17:23 | #3 |
| Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner sorry für die späte Antwort, kam in der letzten Zeit einfach nicht zu...
__________________habe das mbar durchlaufen lassen und er hat zu meinem erstaunen "Scan Finished: No malware found" angezeigt. Kann ich jetzt sicher sein, oder erstmal noch OTL durchlaufen lassen? |
10.04.2013, 18:17 | #4 |
/// Helfer-Team | Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner ja, los gehts. |
16.04.2013, 20:34 | #5 |
| Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner [2012.12.29 18:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.12.29 18:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.12.29 18:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.12.29 18:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.12.27 02:54:24 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Projekte [2012.12.22 13:21:35 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.22 13:21:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.22 13:21:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.22 13:21:33 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.12 15:28:51 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012.12.12 15:28:51 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012.12.03 18:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 [2012.12.03 18:26:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF24 [2012.12.03 18:22:51 | 016,813,616 | ---- | C] (Geek Software GmbH ) -- C:\Users\***\Desktop\pdf24-creator.exe [2012.11.28 00:11:25 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\***fe [2012.11.21 21:58:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2012.11.21 21:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2012.11.19 00:04:49 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.11.19 00:04:49 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.11.19 00:04:49 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.11.18 16:33:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.11.18 16:24:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google [2012.11.18 16:09:33 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012.11.18 16:09:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012.11.18 14:49:02 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.11.18 14:49:02 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.11.18 14:49:02 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.11.18 14:49:02 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.11.18 03:31:29 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012.11.18 03:31:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2012.11.18 03:31:29 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2012.11.18 03:31:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2012.11.18 03:31:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2012.11.18 03:31:27 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2012.11.18 03:31:26 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2012.11.18 03:31:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2012.11.18 03:31:24 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.11.18 03:31:24 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.11.18 03:31:24 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2012.11.18 03:31:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2012.11.18 03:31:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2012.11.18 03:31:24 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2012.11.18 03:31:23 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.11.18 03:31:23 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.11.18 03:31:22 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2012.11.18 03:31:22 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012.11.18 03:31:22 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012.11.18 03:31:22 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012.11.18 03:31:22 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.11.18 03:31:22 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.11.18 03:31:21 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012.11.18 03:31:21 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2012.11.18 03:31:21 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012.11.18 03:31:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2012.11.18 03:31:20 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012.11.18 03:31:20 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012.11.18 03:31:20 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012.11.18 03:31:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012.11.18 03:31:20 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012.11.18 03:31:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012.11.18 03:31:18 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012.11.18 03:31:18 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012.11.18 03:31:18 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2012.11.18 03:31:18 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012.11.18 03:31:18 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012.11.18 03:31:18 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012.11.18 03:31:18 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012.11.18 03:31:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012.11.18 03:31:17 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012.11.18 03:31:17 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012.11.18 03:31:16 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012.11.18 03:31:16 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012.11.18 03:31:16 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012.11.18 03:31:16 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012.11.18 03:31:16 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012.11.18 03:31:16 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012.11.18 03:31:16 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012.11.18 03:31:16 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2012.11.18 03:31:15 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012.11.18 03:31:15 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012.11.18 03:31:15 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012.11.18 03:31:15 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012.11.18 03:31:14 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012.11.18 03:31:14 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012.11.18 03:31:12 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012.11.18 03:31:12 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012.11.18 03:31:12 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012.11.18 03:31:12 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012.11.18 03:31:12 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012.11.18 03:31:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012.11.18 03:31:10 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012.11.18 03:31:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012.11.18 03:31:10 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012.11.18 03:31:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012.11.18 03:31:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012.11.18 03:31:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012.11.18 03:31:08 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012.11.18 03:31:08 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012.11.18 03:31:07 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012.11.18 03:31:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012.11.18 03:31:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012.11.18 03:31:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012.11.18 03:31:05 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012.11.18 03:31:05 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012.11.18 03:31:04 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012.11.18 03:31:04 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012.11.18 03:31:03 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012.11.18 03:31:03 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012.11.18 03:31:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012.11.18 03:31:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012.11.18 03:31:01 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012.11.18 03:31:01 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012.11.18 03:31:01 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012.11.18 03:31:01 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012.11.18 03:31:00 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012.11.18 03:31:00 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012.11.18 03:30:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012.11.18 03:30:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012.11.18 03:30:56 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012.11.18 03:30:56 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012.11.18 03:30:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012.11.18 03:30:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012.11.18 03:30:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012.11.18 03:30:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012.11.18 03:30:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012.11.18 03:30:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012.11.18 03:30:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012.11.18 03:30:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012.11.18 03:30:54 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012.11.18 03:30:54 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012.11.18 03:30:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012.11.18 03:30:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.11.18 03:30:52 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012.11.18 03:30:52 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012.11.18 03:30:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012.11.18 03:30:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012.11.18 03:30:52 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012.11.18 03:30:52 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012.11.18 03:30:52 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012.11.18 03:30:52 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012.11.18 03:30:51 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012.11.18 03:30:51 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.11.18 03:30:50 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.11.18 03:30:50 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.11.18 03:30:49 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012.11.18 03:30:49 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012.11.18 03:30:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012.11.18 03:30:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012.11.18 03:30:49 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012.11.18 03:30:49 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012.11.18 03:30:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012.11.18 03:30:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012.11.18 03:30:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012.11.18 03:30:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012.11.18 03:30:46 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012.11.18 03:30:46 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012.11.18 03:30:45 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012.11.18 03:30:45 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012.11.18 03:30:40 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012.11.18 03:30:40 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012.11.18 03:30:39 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012.11.18 03:30:39 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012.11.18 03:30:39 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012.11.18 03:30:39 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012.11.18 03:30:39 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012.11.18 03:30:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012.11.18 03:30:39 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012.11.18 03:30:39 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012.11.18 03:30:38 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012.11.18 03:30:38 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012.11.18 03:30:36 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012.11.18 03:30:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012.11.18 03:30:36 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012.11.18 03:30:36 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012.11.18 03:30:34 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012.11.18 03:30:34 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012.11.18 03:30:24 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012.11.18 03:30:24 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.11.18 03:30:22 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012.11.18 03:30:22 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012.11.18 03:30:22 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012.11.18 03:30:22 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012.11.18 03:30:21 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012.11.18 03:30:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012.11.18 03:30:20 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012.11.18 03:30:20 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012.11.18 03:30:19 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012.11.18 03:30:19 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012.11.18 03:30:19 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012.11.18 03:30:19 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012.11.18 03:30:17 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012.11.18 03:30:17 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012.11.18 03:30:17 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012.11.18 03:30:17 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012.11.18 03:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bitComposer Games [2012.11.15 17:29:16 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.11.15 17:29:16 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.11.15 17:29:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.11.15 17:29:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.11.15 17:29:10 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.11.15 17:29:10 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012.11.15 17:29:10 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.11.15 17:29:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012.11.15 17:29:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.11.15 17:28:44 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012.11.15 17:28:44 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012.10.25 04:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2012.10.25 04:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [2012.10.21 22:49:10 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Outlook-Dateien [2012.06.05 19:31:42 | 017,246,080 | ---- | C] (SugarSync, Inc.) -- C:\Users\***\SugarSyncSetup.exe [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 180 Days ========== [2013.04.16 18:25:16 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935521269-363780689-3948607049-1001UA.job [2013.04.16 18:25:09 | 000,002,376 | ---- | M] () -- C:\Users\***\Desktop\Google Chrome.lnk [2013.04.16 18:24:03 | 000,000,043 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini [2013.04.16 18:24:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.16 18:24:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935521269-363780689-3948607049-1001Core.job [2013.04.16 18:23:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.10 18:07:17 | 012,894,739 | ---- | M] () -- C:\Users\***\Desktop\mbar-1.01.0.1022.zip [2013.04.10 17:36:27 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.10 17:36:27 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.10 17:34:59 | 001,614,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.10 17:34:59 | 000,697,550 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.10 17:34:59 | 000,652,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.10 17:34:59 | 000,148,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.10 17:34:59 | 000,121,502 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.10 17:27:48 | 3111,514,112 | -HS- | M] () -- C:\hiberfil.sys [2013.04.10 17:22:20 | 000,423,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.31 15:03:09 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.31 15:03:09 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.22 00:18:42 | 000,071,240 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Users\***\Desktop\qicod4.dll [2013.03.22 00:18:42 | 000,032,328 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Users\***\Desktop\qico4.dll [2013.03.22 00:18:33 | 006,292,552 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Users\***\Desktop\QtGui4.dll [2013.03.22 00:18:32 | 002,169,416 | ---- | M] (Malwarebytes Corporation) -- C:\Users\***\Desktop\mbamnet.dll [2013.03.22 00:18:32 | 002,030,664 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Users\Kevin\Desktop\QtCore4.dll [2013.03.22 00:18:32 | 001,093,192 | ---- | M] (Malwarebytes Corporation) -- C:\Users\***\Desktop\mbamcore.dll [2013.03.22 00:18:32 | 000,774,728 | ---- | M] (Microsoft Corporation) -- C:\Users\***\Desktop\msvcr100.dll [2013.03.22 00:18:32 | 000,500,296 | ---- | M] (Malwarebytes Corporation) -- C:\Users\***\Desktop\mbam.dll [2013.03.22 00:18:32 | 000,421,960 | ---- | M] (Microsoft Corporation) -- C:\Users\***\Desktop\msvcp100.dll [2013.03.22 00:18:29 | 001,363,016 | ---- | M] (Malwarebytes Corporation) -- C:\Users\***\Desktop\mbar.exe [2013.03.22 00:18:29 | 000,748,616 | ---- | M] (Malwarebytes Corporation) -- C:\Users\***\Desktop\fixdamage.exe [2013.03.22 00:17:51 | 000,000,136 | ---- | M] () -- C:\Users\***\Desktop\build.conf [2013.03.21 19:51:50 | 006,162,115 | ---- | M] () -- C:\Users\***\Desktop\rules.ref [2013.03.21 19:51:50 | 000,000,765 | ---- | M] () -- C:\Users\***\Desktop\database.conf [2013.03.21 19:51:46 | 000,000,538 | ---- | M] () -- C:\Users\***\Desktop\local.conf [2013.02.12 06:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.02.09 15:53:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.02.02 08:57:02 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.02 08:47:24 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.02 08:46:15 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.02 08:42:18 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.02 08:42:08 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.02 08:41:51 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.02 08:40:19 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.02 08:38:20 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.02 08:34:01 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.02 05:30:32 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.02 05:29:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.02 05:26:47 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.02 05:26:45 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.02 05:23:44 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.02 05:20:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.01.25 22:06:26 | 000,006,461 | ---- | M] () -- C:\Users\***\Desktop\swissarmy.ref [2013.01.15 00:46:45 | 000,322,237 | ---- | M] () -- C:\Users\***\Desktop\Begriffsdefinitionen ***.pdf [2013.01.10 18:12:56 | 001,592,858 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.05 07:53:43 | 005,553,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.01.05 07:00:15 | 003,967,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.01.05 07:00:11 | 003,913,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.01.04 07:46:09 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.01.04 06:51:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.01.04 04:47:35 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.01.04 04:47:34 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.01.04 04:47:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.01.04 04:47:33 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.01.03 18:54:34 | 512,385,986 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.01.03 08:00:42 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012.12.29 18:18:59 | 000,001,755 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.12.22 22:34:02 | 000,171,232 | ---- | M] () -- C:\Users\***\Desktop\6591267507_7dc2ffc1ff_b.jpg [2012.12.16 19:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.16 16:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.07 15:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2012.12.07 15:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2012.12.07 13:20:04 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysNative\usk.rs [2012.12.07 13:20:03 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2012.12.07 13:20:03 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2012.12.07 13:20:01 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2012.12.07 13:20:01 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2012.12.07 13:20:01 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2012.12.07 13:20:00 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2012.12.07 13:19:59 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2012.12.07 13:19:58 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2012.12.07 13:19:57 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2012.12.07 13:19:57 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysNative\grb.rs [2012.12.07 13:19:57 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2012.12.07 13:19:56 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysNative\cero.rs [2012.12.07 13:19:55 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2012.12.07 12:46:42 | 000,043,520 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2012.12.07 12:46:42 | 000,030,720 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2012.12.07 12:46:41 | 000,045,568 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2012.12.07 12:46:41 | 000,044,544 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2012.12.07 12:46:41 | 000,023,552 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2012.12.07 12:46:41 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2012.12.07 12:46:40 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2012.12.07 12:46:39 | 000,046,592 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2012.12.07 12:46:39 | 000,020,480 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2012.12.07 12:46:38 | 000,021,504 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2012.12.07 12:46:37 | 000,040,960 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2012.12.07 12:46:37 | 000,015,360 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2012.12.07 12:46:36 | 000,055,296 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2012.12.07 12:46:36 | 000,051,712 | ---- | M] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2012.12.03 18:36:42 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk [2012.12.03 18:36:42 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk [2012.12.03 18:23:15 | 016,813,616 | ---- | M] (Geek Software GmbH ) -- C:\Users\***\Desktop\pdf24-creator.exe [2012.12.01 16:14:46 | 000,003,584 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.11.30 07:45:35 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.11.30 07:45:35 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.11.30 07:45:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.11.30 07:43:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.11.30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.11.30 07:41:07 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.11.30 07:38:45 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.11.30 07:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.11.30 07:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.11.30 07:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.11.30 07:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.11.30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.11.30 07:38:44 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.11.30 07:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.11.30 07:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.11.30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.11.30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.11.30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.11.30 06:45:14 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.11.30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.11.30 05:23:48 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.11.30 04:38:59 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.11.30 04:38:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.11.30 04:38:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.11.30 04:38:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.11.29 21:13:59 | 000,017,408 | ---- | M] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2012.11.28 19:29:39 | 000,091,541 | ---- | M] () -- C:\Users\***\Desktop\***Logo.jpg [2012.11.23 05:13:57 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2012.11.22 07:44:23 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2012.11.21 21:58:59 | 000,001,817 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012.11.20 07:48:49 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.11.19 19:29:00 | 000,036,034 | ---- | M] () -- C:\Users\***\Desktop\IMG00**.jpg [2012.11.09 07:45:32 | 000,750,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.11.09 06:43:04 | 000,492,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.11.08 01:17:18 | 000,540,917 | ---- | M] () -- C:\Users\**\Desktop\ReadMe.rtf [2012.11.02 07:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012.10.25 04:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx [2012.10.25 04:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts [2012.10.22 23:46:49 | 000,188,832 | ---- | M] () -- C:\Users\**\Desktop\Buchung *** ***.JPG [2012.10.22 23:38:06 | 000,202,901 | ---- | M] () -- C:\Users\**\Desktop\Buchung ***.JPG [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.10 18:07:06 | 012,894,739 | ---- | C] () -- C:\Users\***\Desktop\mbar-1.01.0.1022.zip [2013.03.22 00:17:43 | 000,540,917 | ---- | C] () -- C:\Users\***\Desktop\ReadMe.rtf [2013.03.22 00:17:43 | 000,067,432 | ---- | C] () -- C:\Users\***\Desktop\License.rtf [2013.03.22 00:17:43 | 000,023,390 | ---- | C] () -- C:\Users\***\Desktop\English.lng [2013.03.22 00:17:43 | 000,006,461 | ---- | C] () -- C:\Users\***\Desktop\swissarmy.ref [2013.03.22 00:17:43 | 000,000,136 | ---- | C] () -- C:\Users\***\Desktop\build.conf [2013.03.22 00:17:42 | 006,162,115 | ---- | C] () -- C:\Users\***\Desktop\rules.ref [2013.03.22 00:17:42 | 000,003,653 | ---- | C] () -- C:\Users\***\Desktop\config.conf [2013.03.22 00:17:42 | 000,000,765 | ---- | C] () -- C:\Users\***\Desktop\database.conf [2013.03.22 00:17:42 | 000,000,538 | ---- | C] () -- C:\Users\***\Desktop\local.conf [2013.03.22 00:17:42 | 000,000,202 | ---- | C] () -- C:\Users\***\Desktop\manifest.conf [2013.01.15 00:46:44 | 000,322,237 | ---- | C] () -- C:\Users\***\Desktop\Begriffsdefinitionen ***.pdf [2012.12.29 18:18:59 | 000,001,755 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.12.22 22:34:02 | 000,171,232 | ---- | C] () -- C:\Users\***\Desktop\659***f_b.jpg [2012.12.03 18:36:42 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk [2012.12.03 18:36:42 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk [2012.11.28 19:29:39 | 000,091,541 | ---- | C] () -- C:\Users\***\Desktop\***Logo.jpg [2012.11.21 21:58:59 | 000,001,817 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2012.11.19 19:29:45 | 000,036,034 | ---- | C] () -- C:\Users\***\Desktop\IM***4.jpg [2012.11.18 16:34:01 | 000,002,376 | ---- | C] () -- C:\Users\***\Desktop\Google Chrome.lnk [2012.11.18 16:24:38 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935521269-363780689-3948607049-1001UA.job [2012.11.18 16:24:26 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3935521269-363780689-3948607049-1001Core.job [2012.11.18 16:09:34 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.18 14:49:01 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.10.22 23:46:49 | 000,188,832 | ---- | C] () -- C:\Users\***\Desktop\***.JPG [2012.10.22 23:38:06 | 000,202,901 | ---- | C] () -- C:\Users\***\Desktop\***.JPG [2012.09.12 18:54:43 | 000,017,408 | ---- | C] () -- C:\Users\***\AppData\Local\WebpageIcons.db [2011.10.13 15:00:28 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini [2011.01.13 01:59:19 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.24 19:48:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canon [2011.01.13 00:12:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Packard Bell [2013.04.10 17:30:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Peoz [2013.03.07 18:53:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Qeri [2012.03.02 16:20:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SampleDecks [2012.07.15 11:51:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SNS [2011.01.23 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client [2011.01.13 00:45:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.01.23 21:36:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP [2013.02.25 18:10:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Wecoaf [2012.07.14 15:29:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WildTangent [2011.01.13 02:00:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WindSolutions ========== Purity Check ========== < End of report > [/QUOTE] Extras: OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 16.04.2013 18:43:57 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 55,36% Memory free 7,73 Gb Paging File | 5,58 Gb Available in Paging File | 72,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 685,84 Gb Total Space | 474,96 Gb Free Space | 69,25% Space Free | Partition Type: NTFS Drive D: | 689,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ***-PC | User Name:*** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{028826FC-F163-411E-9AD8-B6B5103A6B36}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{04F889DE-A535-4A5D-813D-6320F05A0BCC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{263EC57A-D75F-4DF1-95CD-13626D0A2D48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2B083249-288D-4B16-93BB-11AD66EA7BC4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{49780D52-39D8-4D80-A412-A7257E77F515}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{4A199B58-D37C-42A4-BCB0-4A1326077121}" = rport=10243 | protocol=6 | dir=out | app=system | "{4E1E8409-4F66-4791-9C45-BE20119921E7}" = lport=137 | protocol=17 | dir=in | app=system | "{59CE682D-7765-4C19-9540-8E76C42F18A5}" = lport=139 | protocol=6 | dir=in | app=system | "{5F132B53-9FA0-417D-82B2-F69EDB46656E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{62B47E3B-3766-4133-82B3-C38659F93C6E}" = lport=2869 | protocol=6 | dir=in | app=system | "{70A02A3D-33AE-44DE-A1AC-F7354D34D603}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{74B2A0BD-70C3-42D3-9D48-F7E05F1E76B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7919D6CB-6486-4270-800F-0AAD55E8DC12}" = rport=138 | protocol=17 | dir=out | app=system | "{7B79E538-558B-4D41-AA4E-638E6F59AD0D}" = rport=137 | protocol=17 | dir=out | app=system | "{854B139E-4988-4F9E-A722-9154BF554197}" = rport=139 | protocol=6 | dir=out | app=system | "{8B5B0320-BD6E-4BD9-BCFC-657D50193A9F}" = lport=2869 | protocol=6 | dir=in | app=system | "{91350217-1846-48D5-856A-1479AC8D623F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A8988493-FA59-4EDC-8CC2-ACDC8D51051F}" = rport=445 | protocol=6 | dir=out | app=system | "{AF583596-459A-4F3A-BECE-4A0E0F8A14DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{BBEFF346-3133-40DA-91EC-F95AF816080A}" = lport=445 | protocol=6 | dir=in | app=system | "{D42F0334-6733-44EB-8D35-004F8200AFF7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D45331E2-305D-4B80-9CDF-ECB1EF9D090B}" = lport=138 | protocol=17 | dir=in | app=system | "{DF71C1F4-9616-4E41-AD78-F675B9855243}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E4FE71DD-6FB8-4452-94AD-59503B6D905C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F0254A9B-F553-42EE-AF45-57A7C4143B5E}" = lport=10243 | protocol=6 | dir=in | app=system | "{FAFE8F25-6665-4556-97DD-62129DACFCA6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{084CB227-4435-4C17-9688-218884273BE4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1062A95E-B3B4-4DB4-82DE-98B5DCFE3304}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1A9A99A8-01E4-4D6D-919D-F253A49D5B06}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2CA10462-2644-47DD-ACAF-2A9D95CBDD71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2E0EC93B-8C7D-436F-8B99-20D6141D15E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{2E939F56-6624-4777-9986-FE1FEEC2C550}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{5276D38A-9B09-4764-A389-2E6A59A4F252}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{52D24D10-8C87-4EA8-A293-E607B8E04057}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{587B1AC5-D7F0-4CA9-B3C0-C072EB1D921D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5A0BD52D-8632-40E0-9EB1-C123ABE22FFD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{5E5109CC-508E-4B6F-9582-E373D96D617F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6EABCF68-62FD-4B26-99BF-3E8E8539ED6F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{75425A4D-3B98-40D2-8F33-3778ABE80CCA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7667CEAB-7DF0-4D58-A6A2-C4EDA1C8D57C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7759640E-2531-4F03-895C-3FAEF1E2C38A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8803D560-8DAB-4B24-8931-67EFDFB62579}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{949BAB8C-1A83-4F24-8FA6-8333C2AAD698}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9C55CC07-B812-439E-A368-0EC7A42CBD05}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{AAE99E27-9A24-41F8-BB93-8B5C9A706B65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AD98123C-CD79-4580-A499-473F2B97EF6F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{B36333A8-DE31-4F33-834F-2E9D2BB43045}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{B6941A5A-2E3A-4F02-A317-56A8F7254932}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{C20DE9B5-F7CF-4F67-B340-711A7024A67F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C44A21F4-DBC5-47A9-B975-7C295F2BC449}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{CCECC4C7-D1CD-40EA-82AF-429440EF33C6}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe | "{D8AB2C45-2F3E-44B0-AF3B-1DE7DCE704EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DF45AB82-27A2-4932-A24D-873C401BDECE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{E017B855-4925-4DEF-8568-E6B1E7AFFD6D}" = protocol=6 | dir=in | app=c:\program files (x86)\*** applications\***\***.exe | "{E6368C72-68B8-4803-A8EB-6C77A072B0DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E7A95E7A-B47F-4C00-A5A5-61B56A591D4B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{E7EC16E7-2A3C-40ED-8527-F0E595480FF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F0B2528D-1E8A-4580-8C0F-00B128BCCF4C}" = protocol=6 | dir=out | app=system | "{F9278AFC-2366-4E41-A511-451698101637}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe | "{FFCD2547-B4C6-424C-84FD-A80CAED8D7FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "TCP Query User{2807F990-692D-4749-9D7D-9A1707443E35}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | "TCP Query User{C3AA4260-E5EB-4DFD-A087-3CADE72E4645}C:\program files (x86)*** applications***\***.exe" = protocol=6 | dir=in | app=c:\program files (x86)\*** applications\bearshare\bearshare.exe | "TCP Query User{EC37881B-FD8C-4EDD-A79D-D3ADF33A9434}C:\users\***\appdata\roaming\peoz\usxy.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\peoz\usxy.exe | "UDP Query User{A7A7A3CC-D3EE-4CAC-8795-B4448CDADA75}C:\users\***\appdata\roaming\peoz\usxy.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\peoz\usxy.exe | "UDP Query User{ACCC3D6D-11FF-402F-B0AC-6A8656E4651F}C:\program files (x86)\*** applications\***.exe" = protocol=17 | dir=in | app=c:\program files (x86)\***applications\***.exe | "UDP Query User{FE0A12BF-CA3C-4A1B-A6AD-86637A1CA940}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon *** series MP Drivers "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon *** series MP Drivers "{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64) "{2BF35D84-6377-4F70-9F39-97CF67E67FFF}" = Microsoft IntelliPoint 8.0 "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud "{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0 "{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller "{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64 "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista "{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian "{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish "{16337ff7-9fb9-4476-837b-acc962fc4bc5}" = Nero 9 Essentials "{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All "{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0 "{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech "{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2222706F-666A-4037-7777-202328764D10}" = JavaFX 2.0.2 SDK "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German "{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{32A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2 "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean "{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai "{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5928359F-BF46-4646-BF19-B64E55171EB5}" = FILSHtray "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = *** "{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.1.0 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{83299633-1261-47A3-84F3-6F02B4B8CDB1}" = Video Web Camera "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1" = Foto-Mosaik-Edda Standard V6.6.11333.1 "{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish "{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.7 MUI "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light "{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New "{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish "{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{cb8abcef-9183-4de7-9b90-3443479441f2}_is1" = SampleDecks 2.0.0 "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian "{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader "{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek "12389d0863a0588ade0a083ab5270573" = Plants vs. Zombies(TM) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0 "AFPL Ghostscript 8.54" = AFPL Ghostscript 8.54 "AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts "Avira AntiVir Desktop" = Avira Free Antivirus *** "Canon *** series Benutzerregistrierung" = *** series Benutzerregistrierung "Canon *** series Benutzerregistrierung" =*** series Benutzerregistrierung "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "Identity Card" = Identity Card "InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Packard Bell MyBackup "InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader "jZip" = jZip "LManager" = Launch Manager "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de) "Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "nbi-nb-base-7.1.0.0.0" = NetBeans IDE 7.1 "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "Packard Bell InfoCentre" = Packard Bell InfoCentre "Packard Bell Registration" = Packard Bell Registration "Packard Bell Screensaver" = Packard Bell ScreenSaver "Packard Bell Welcome Center" = Welcome Center "RealPlayer 15.0" = RealPlayer "Searchqu Toolbar" = Searchqu Toolbar "VLC media player" = VLC media player 1.1.6 "WildTangent packardbell Master Uninstall" = Packard Bell Games "WinLiveSuite_Wave3" = Windows Live Essentials "WT088216" = Agatha Christie - Death on the Nile "WT088226" = Bejeweled 2 Deluxe "WT088228" = Build-a-lot 2 "WT088235" = Chuzzle Deluxe "WT088238" = Diner Dash 2 Restaurant Rescue "WT088260" = Farm Frenzy "WT088268" = Insaniquarium Deluxe "WT088269" = Jewel Quest Solitaire 2 "WT088283" = Plants vs. Zombies "WT088292" = Zuma Deluxe "WT088416" = FATE "WT088420" = Final Drive Nitro "WT088448" = John Deere Drive Green "WT088452" = Penguins! "WT088456" = Polar Bowler "WT088460" = Polar Golfer "WT088508" = Virtual Villagers 4 - The Tree of Life "WT088531" = Zuma's Revenge "Zattoo4" = Zattoo4 4.0.5 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3935521269-363780689-3948607049-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 18.12.2011 23:28:22 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 18.12.2011 23:28:22 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 12215 Error - 18.12.2011 23:28:22 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12215 Error - 18.12.2011 23:28:23 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 18.12.2011 23:28:23 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 13229 Error - 18.12.2011 23:28:23 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 13229 Error - 18.12.2011 23:28:24 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 18.12.2011 23:28:24 | Computer Name = ***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14228 Error - 18.12.2011 23:28:24 | Computer Name =***-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14228 Error - 19.12.2011 15:16:25 | Computer Name = ***-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. [ Media Center Events ] Error - 14.05.2011 04:26:31 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 10:26:31 - Fehler beim Herstellen der Internetverbindung. 10:26:31 - Serververbindung konnte nicht hergestellt werden.. Error - 14.05.2011 04:26:36 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 10:26:36 - Fehler beim Herstellen der Internetverbindung. 10:26:36 - Serververbindung konnte nicht hergestellt werden.. Error - 15.07.2011 13:05:16 | Computer Name =***-PC | Source = MCUpdate | ID = 0 Description = 19:05:16 - Fehler beim Herstellen der Internetverbindung. 19:05:16 - Serververbindung konnte nicht hergestellt werden.. Error - 15.07.2011 13:05:29 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 19:05:21 - Fehler beim Herstellen der Internetverbindung. 19:05:21 - Serververbindung konnte nicht hergestellt werden.. Error - 13.09.2011 09:11:53 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 15:11:53 - Fehler beim Herstellen der Internetverbindung. 15:11:53 - Serververbindung konnte nicht hergestellt werden.. Error - 13.09.2011 09:12:05 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 15:11:58 - Fehler beim Herstellen der Internetverbindung. 15:11:58 - Serververbindung konnte nicht hergestellt werden.. Error - 20.09.2011 02:18:32 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 08:18:32 - Fehler beim Herstellen der Internetverbindung. 08:18:32 - Serververbindung konnte nicht hergestellt werden.. Error - 20.09.2011 02:18:44 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 08:18:37 - Fehler beim Herstellen der Internetverbindung. 08:18:37 - Serververbindung konnte nicht hergestellt werden.. Error - 20.09.2011 03:18:48 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 09:18:48 - Fehler beim Herstellen der Internetverbindung. 09:18:48 - Serververbindung konnte nicht hergestellt werden.. Error - 20.09.2011 03:18:54 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 09:18:53 - Fehler beim Herstellen der Internetverbindung. 09:18:53 - Serververbindung konnte nicht hergestellt werden.. [ System Events ] Error - 10.04.2013 11:22:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 10.04.2013 11:22:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 10.04.2013 11:22:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Shellhardwareerkennung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 10.04.2013 11:22:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error - 10.04.2013 11:22:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error - 10.04.2013 11:23:12 | Computer Name = ***-PC | Source = DCOM | ID = 10016 Description = Error - 10.04.2013 11:23:31 | Computer Name = **-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Shellhardwareerkennung" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 10.04.2013 11:23:31 | Computer Name = **-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 10.04.2013 11:24:31 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7032 Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error - 10.04.2013 11:29:58 | Computer Name = ***-PC | Source = DCOM | ID = 10016 Description = < End of report > soooo da isses ... mittlerweile hatte ich auch schon wichtige dateien über ne live-cd auf ne festplatte gespielt ich habs 2-geteilt da es leider nicht komplett passte - hier Teil 2 mfg Aus i. Einem grund hat er jetzt nur den 2. teil gepostet. Kann ich dir auch die gesamten logfiles per PN schicken? Das *** der Namen ist doch ziemlich aufwändig |
19.04.2013, 17:50 | #6 |
/// Helfer-Team | Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner OTL.txt feht. nur die posten.
__________________ --> Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner |
03.06.2013, 12:28 | #7 |
/// Helfer-Team | Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist. |
Themen zu Daten auf Festplatte überspielen und neu aufsetzen nach GVU-Trojaner |
aufsetzen, bereits, beseitigen, bilder, community, daten, daten retten, desktop, einfach, einiger, erfahrung, externe, externe festplatte, festplatte, gvu bka trojaner, möglicherweise, neu, neu aufgesetzt, neu aufsetzen, neue, platte, prima, problem, recht, schritt, stelle, system, verseucht, virenproblem, virus entfernt, wichtige, überspielen |